Companies Struggle To Meet GDPR Standards

Posted August 31, 2018 by Mary McGinley

On May 25th, 2018, the General Data Protection Regulation (GDPR) went into effect. The regulation requires all businesses doing business in or with countries within the European Union to ensure data protection by design and by default.

According to an article appearing on the Personnel Today website, companies and organizations around the world are still struggling to figure out what it all means for them. Even if a company or organization is located outside of the EU, if it handles any personal data, cookies or other personal information through offering goods and services, or through monitoring the behavior of EU citizens while they are in the EU, it is in violation of the GDPR.

So what exactly does this mean? If your website uses cookies to follow visitors not just on your website but also their habits while off your site, and makes these EU citizens, also referred to as data subjects, identifiable, then you are in violation of the GDPR.

In a world where data breaches are almost an everyday occurrence, the EU is right to want to protect its citizens. For organizations that fail to comply with the GDPR, that can mean a fine of €20m or 4% of global turnover, whichever is greater. If a data subject in the EU has suffered damage as a result of an organization's failure to comply with the GDPR, they have the right to file a suit against that organization for compensation.

Because the EU wants to protect its citizens and their private data, businesses are encouraged to look carefully at their own current data collection. This may involve consulting with an outside source in order to determine what policies and practices need to be adjusted to ensure that they are in compliance with the GDPR.