On May 25, 2018, organizations across the world that handle European data in the European Union need to be compliant with the General Data Protection Regulation (GDPR). This affects not only EU companies but any company that handles data for EU residents, even if the data processing occurs outside of the EU borders. The penalty for non-compliance is high: €10 million or 2% of global turnover for offenses related to data processing, security, and storage.
In order to be in compliance, there are four regulations to data protection under GDPR you need to be aware of:
Data must be retained to ensure EU residents can request a copy.
Data must be protected in transit and at rest with industry-standard security.
EU residents have the right to be forgotten. You must comply if they request their data be deleted.
You must be able to track and monitor where the data for EU residents is.
Data Protection Compliance Handbook
In this ebook, you'll learn about the essential parts of GDPR and how they relate to data protection.