A Data Protection Officer’s Guide to the GDPR Galaxy

In April 2016, the General Data Protection Regulation (GDPR) was passed into law in the European Union. The goal of the law is to give individuals control over their own data. While GDPR became law in 2016, it won’t become enforceable until May 25, 2018. GDPR is composed of 99 articles and 173 recitals that are used to help interpret the law — that’s a lot of elements!

What’s scarier is that the sanctions for noncompliance can be a fine of up to €20 million (approximately $24.6 million) or up to 4% of the annual worldwide turnover (net sales generated by a business) of the preceding financial year, whichever is greater. The “whichever is greater” is where most gasp a little. GDPR affects any business that operates in the EU and foreign companies that process the data of EU citizens. In our global economy, this is virtually every business. Furthermore, businesses must flow these requirements down to all their vendors.

The prospect of digging into this does seem daunting. So, where to start? First of all, breathe. While this is a large undertaking, there are many resources available.

Read about five tips that can help you tackle GDPR compliance on DarkReading.
