I recently had the opportunity to author an article for CMSWire about how the European Union (EU) General Data Protection Regulation (GDPR) will have effects that reach beyond just the EU.
In addition to EU-based organizations, companies with a significant European presence will also be subject to the new requirements (e.g., greater fines for data breaches, privacy impact assessments)
Although organizations may have about two years to come into compliance, it’s time to rethink privacy and security strategy now– especially as it relates to IT.
The new GDPR IT requirements will likely mean a significant shift in organizational processes, so it’s important to consider how the new law will affect your IT and business practices. Some considerations:
- Are your standardized processes automated?
- Are you conducting privacy impact assessments to analyze risk?
- Are you taking a risk-based approach to data protection?
- Do your policies demonstrate accountability?
Answering these questions will help guide you to proactively ensure compliance with the EU GDPR.
To read more about the global implications of the EU GDPR, please visit CMSWire.
To learn how AvePoint can help your organization with compliance management, please visit our website.