As the deadline to comply with the EU’s General Data Protection Regulation (GDPR) approaches, many companies in the US still don’t fully understand how the regulation will affect them. GDPR requires companies to protect the personal data and privacy of residents of EU countries. However, it doesn’t only apply to European countries. US companies that collect or process the personal data of people residing in the European Union also need to comply.
A recent study found that two-thirds of firms across the globe will not be ready to comply with the GDPR by the deadline, and many companies fear a financial hit. American firms are least likely to be concerned about meeting the deadline — 23.6%, compared with 41.3% in France, 40.1% in Germany and 32.6% globally. However, 50% of U.S. companies fear revenue loss from failure to comply.
Despite the burdens of compliance, some argue that compliance will ultimately be beneficial to companies. For some articles discussing how GDPR can help companies in their operations, marketing and customer relationships, see Five Benefits GDPR Compliance Will Bring To Your Business, The Five Key Business Benefits Of GDPR and Europe’s Tough New Data-Protection Law.
It seems likely that many companies will still be working toward compliance by the deadline, but apparently that will be a consideration in enforcement. According to the BBC, UK information commissioner Elizabeth Denham has indicated that they will take into account whether companies have taken steps to be compliant. In addition, she stated, “We’re not going to be looking at perfection, we’re going to be looking for commitment. Large fines will be reserved for the most serious cases, when a company refuses to comply voluntarily.”
If your company is not fully compliant with the GDPR or you have questions on how it will impact your business, contact CDS today for a consultation with our cross-border data experts.