The General Data Protection Regulation (GDPR) impacts every entity that holds or uses personal information pertaining to EU residents regardless of whether this information is hosted within or outside of the EU.
The new regulation introduces widespread changes to current law and greatly increases financial sanctions for non-compliance (up to 4 per cent of annual worldwide turnover for groups of companies).
The regulation, enforced from 25 May 2018, requires organisations to implement all the necessary changes to systems and operations to meet the compliance rules.
With a greater emphasis on accountability for the processing and protection of data and how organisations demonstrate their compliance, the GDPR should not solely be viewed as an information security issue, but a fundamental business and governance challenge.
Download our white paper for advice and guidance on complying with GDPR.