The General Data Protection Regulation (GDPR) came in to force on May 25th, if you do business in the European Union (EU) this likely impacts you.

Even if you are not in the EU you likely have received a number of emails lately about providers changing their terms of service due to EU regulatory changes. The General Data Protection Regulation (GDPR) is an important EU regulation that has requirements regarding the processing of personally identifiable information of data subjects inside the European Union.

We recommend that if you do business with the EU that you see the official infographic summary and the official GDPR website to get an understanding of what is required.

Previously the collection of personally identifiable information was not covered by as strongly by existing regulations. With the GDPR in force you are liable for large fines for non-compliance if you are doing business in the EU.

Our analysis

Data breach regulations are getting more common world wide and the regulatory landscape is definitely shifting with regards to personally identifiable data. With regulations such as the GDPR and various other regulations coming in to force it is getting more and more valuable to have well planned and well engineered systems when personal or sensitive data is involved.

We suggest that you put serious thought into how you are using data in both a business and technical capacity.

If you are handling sensitive data it is worth having policy in place for preventing and handling data breaches.

Reactions

This has been a fairly controversial and highly debated regulation. The reactions from different companies and organizations have been quite diverse.

Some companies that do not have any EU customers have taken the step to completely block the EU from using their services because they have judged that the cost of compliance is too high for them.

Other companies have overhauled internal systems to make sure that their services are in compliance with the new regulations.

What is best for your organization will depend fairly heavily on the nature of your business and what geographical areas you are doing business in.