You are here

Practical Defensibility for GDPR White Paper

Sensible Compliance for Tougher European Privacy Laws

The European Union’s new General Data Protection Regulation (GDPR) takes effect in May 2018. The new rules seek to better protect the personal information of individual EU citizens by updating and strengthening data handling and movement by organizations doing business in member nations.

While designed to push back against the rising influence of global social media, cloud computing, and search giants, GDPR’s breadth also creates compliance challenges for organizations of all sizes. The tougher new regulations require that any company conducting any sort of business in the EU must prove it has adequate processes in place to manage and protect EU residents’ personal data, or risk fines of up to 4% of annual revenue.

Most large companies have been aware of the impending deadline since early 2016 and many have been building a compliance program for months. Some mid-size companies have only recently started to assess their compliance obligations. However, with deadlines fast approaching, many organizations in both categories are realizing that there is more complexity to the readiness efforts than initially anticipated. 

In this white paper, we explain the GDPR regulation and its requirements and describe how to develop a defensible plan.