On May 25, 2018, the European Union’s General Data Protection Regulation, or GDPR, went into effect. If you are an owner or senior executive of a business based in the United States, you may think this new regulation has no impact on your organization. You would be wrong.
As we approach the first anniversary of GDPR, it’s time for U.S. business owners to think seriously about GDPR compliance. If your company has a website or social media presence and an international customer base, you may be affected. The costs of noncompliance can be potentially devastating for a small business — fines of 4% of annual global turnover or up to €20 million, whichever is greater.
The main purpose of the regulations is to protect EU citizens from data-breach-related privacy violations. GDPR is an update to a similar regulation implemented in 1995. Due to the vast changes to the online landscape since that time, the EU decided to give the regulation a significant update.