GENERAL DATA PROTECTION REGULATION COMPLIANCE: WHAT YOU MUST DO NOW
If you deal with the personal information of anyone in the European Union (EU), you probably already know that as of May 25, 2018, you will face stiff penalties for violating any of the provisions of the General Data Protection Regulation (GDPR). If your enterprise fails to comply with GDPR’s data security obligations, you’ll face penalties of 2 percent of your worldwide annual revenue or 10,000,000 euros. If you’re found to be in breach of other provisions of the GDPR, the fine may rise to 4 percent. Currently, no evidence exists that latitude will be given for violations.
GDPR applies to all companies doing business with personally identifying information (PII) from EU citizens. This includes the U.K., which is still in the EU through March 29, 2019, and has indicated that something similar to GDPR will continue afterward because it is a good idea. GDPR provisions do apply to U.S.-based companies that do business in the EU.
For the rest of the article, please see link.