Europe's landmark The General Data Protection Regulation (GDPR) is setting new standards for consumer protection compliance. It requires businesses to protect the personal data and privacy of EU citizens. It imposes harsh penalties for non compliance.
Companies all over the world doing business with EU are scrambling to become GDPR compliant by informing customers and soliciting their agreement on the information stored about them. Also they are beefing up security and internal procedures to prevent inadvertent or malicious leaks of customer data.
Ensuring privacy and security for our customer databases is nothing new, what is new though, is the stringent penalties that can be imposed and heightened monitoring. Wide ranging powers given to the EU authorities to determine and prosecute breaches has many worried. It is also not clear how the EU would impose penalties on companies operating outside the EU but dealing with EU clientele.
Currently it is affecting only those doing business with the EU which is significant but it is more than likely that other parts of the world will also adopt such strict guidelines. Especially Asia and particularly India, from where a lot of spam and junk originates. It might be known by other acronyms and programmes but the requirements will be similar.
Companies all over the world can preempt this by taking the effort to become compliant even if they are not doing business in the EU. After all ‘a stitch in time saves nice'.
What steps do you need to become GDPR compliant?
So it's a good idea to evaluate our own customer databases and see if we can become more compliant so that when inevitably the GDPR or its equivalent, comes to our region, we are ready.