GDPR is a sweeping new EU privacy regulation that has extensive implications for U.S. firms too. In May 2018, a new regulation comes into force in Europe. Many have heard of the EU’s General Data Protection Regulation (GDPR), but one thing isn’t as well known: it affects U.S. companies, too. Mark Sangster, VP and Industry Security Strategist at cyber security company eSentire commented below.
Mark Sangster, VP and Industry Security Strategist at eSentire:
U.S. companies dealing with EU citizens have little time to lose. Because GDPR is a regulation rather than a directive, it will apply at once, rather than allowing time for individual countries to interpret into national law. Mark suggests that companies gather together their legal counsel, software developers, information architects, and human resource managers, as there’s plenty of work here for everyone.
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.