GDPR – The General Data Protection Regulation
The GDPR imposes rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where those businesses are located. Among the key elements of the GDPR are the following:
• Enhanced personal privacy rights – strengthened data protection for residents of the EU by ensuring that they have the right to access their personal data, to correct inaccuracies in that data, to erase that data, to object to processing of their personal data, and to move it
• Increased duty for protecting personal data – reinforced accountability of organizations that process personal data, providing increased clarity of responsibility in ensuring compliance
• Mandatory personal data breach reporting – organizations that control personal data are subject to stringent reporting and notification requirements in the event of a personal data breach
• Significant penalties for non-compliance – steep sanctions, including substantial fines that are applicable whether an organization has intentionally or inadvertently failed to comply November Accelerate Your GDPR Journey 2017 13
As you might anticipate, the GDPR may have a significant impact on your business, potentially requiring you to update privacy policies, implement and strengthen data protection controls and breach notification procedures, deploy highly transparent policies, and further invest in IT and training.
If your company has business transactions that involve European Union (EU**) Companies or customers, you can contact CCS Retail Systems to help you plan how to avoid GDPR penalties before this regulation is enacted on May 25th, 2018.