The General Data Protection Regulation and What It Means For You

You bet it will. Here are seven facts about the 28-member EU attempt to strengthen data security including 72-hour breach reporting, stronger consumer consent, and high fines:

• On May 25, 2018, any company that gathers data on EU citizens needs to comply with the GDPR.
• A PwC survey suggested that 92 percent of US companies consider GDPR a top data protection priority.
• If you collect personal data or behavioral information from someone in an EU country when the data is collected, your company is subject to the requirements of the GDPR.

• At first glance this sounds like it might not apply to US businesses. However, any US company with a web presence and marketing products all over the web may need to comply.
• A financial transaction does not need to occur. If your business collects personal data or personally identifiable information (PII), the data needs protection using GDPR guidelines.
• Generic marketing does not count, just targeted marketing.
• The EU is serious about a uniform data and privacy law for its market. This rule has already changed the web practices of major US companies.

You Need To Know About GDPR

In general, if your enterprise is a US based hospitality, travel, software services, or e-commerce companies, you will need to scrutinize the online marketing practices you use. Especially, US businesses targeting European markets need to become fluent in GDPR regulations.

Since this is a new development, the application and interpretation of GDPR for US businesses will evolve.