May 2018 marks a major change to how data for European citizens is processed, stored and used. The General Data Protection Regulations (GDPR) are new laws established by European Parliament designed to ensure greater protection of individual rights of EU members. The news of the GDPR’s imminent arrival has caught many European corporations off guard, with over half stating they were unaware of the compliance requirements. This news does not bode well for small businesses. Noncompliant companies face fines of €20 million or 4 percent of annual revenue.

Yet it is not only those companies in Europe that are in danger of experiencing disastrous financial penalties.

The GDPR laws impact all corporations handling the data of European citizens, as the regulations apply to every shred of personal data owned by a member of the European Union (EU). What does this mean? It means that companies in the United States possessing data belonging to a citizen of the EU must also ensure they comply with GDPR. Failure to do so could result in fines on the same level as any brand operating within the EU.

What is GDPR?

While the way in which companies harvest, extract and utilize data has evolved quickly over recent years, the laws protecting a person’s information has lagged behind the growth. The GDPR introduces a number of major changes as to how personal information is handled. The new rules outline, in very comprehensive terms, much stricter regulations that apply to all facets of personal data use.

To understand exactly what your obligations are under the GDPR laws, you should consult the official documents available online. However, in very basic terms, this is how things will change:

  • Access. EU citizens have a right to know what data is being held about them, how it is being used and what will Read More Here