In April of 2016, the General Data Protection Regulation (GDPR) was voted into law by the European Union. GDPR’s impact has been seismic as global businesses scramble to create compliance strategies to meet the May 25, 2018, enforcement deadline.
GDPR presents monumental challenges to global business operations because, unlike its predecessor Directive 95/46/EC, GDPR is a regulation (not a directive) and comes with steep penalties for non-compliance of up to 4 percent of annual revenue or €20 million, whichever is greater. But the greatest challenge is posed by GDPR’s sweeping reach. The regulation applies to virtually every business in and outside the E.U. that processes personal data to sell goods and services to citizens of E.U. member states. To dispel any confusion, entities that are currently Privacy Shield Certified must also comply with GDPR.
At Aprio, we view GDPR as an opportunity for organizations to greatly improve their risk management operations. The key challenge that most organizations will face is prioritizing their compliance initiatives within a tight timeline. Our team of Certified GDPR Practitioners has deep security and privacy experience in fintech and digital marketing and provides step-by-step guidance through the compliance readiness process.
GDPR’s six guiding principles were intended to strengthen data protection practices, align regulators under one authority and provide greater citizen control over personal data. The regulation’s focus on data subject rights and consent will pose sizeable obstacles for digital marketing organizations. Those who currently capture data through Google IDs and are unclear as to the source will face additional challenges.
At Aprio, we believe that information risk management is a team sport. So, we partner with your internal resources to provide step-by-step guidance through our GDPR compliance process.
GDPR’s focus on protecting personal information and the rights of data subjects represents a bold leap forward in data security and privacy. At Aprio, we are committed to working with clients to make effective, sustainable risk management easier to achieve. Let us apply our proven process and compliance roadmap to help your organization become GDPR compliant.