Are you GDPR ready? EU’s GDPR Regulation Could Fall on the U.S. Soon
The EU’s General Data Protection Regulation (GDPR) has truly become a game-changer for today’s businesses. Up until now, this new regulation, which went into effect on May 25, 2018, has applied only to organizations that collect and process EU residents’ personal data. However, a big change could be on the horizon as the data privacy debate continues to gain traction.
According to this Wall Street Journal article, in a speech during a privacy conference organized by the European Union this week, Apple’s CEO, Tim Cook, made the strongest call yet for a U.S.-wide data-protection regulation of individuals’ personal information, saying it has been “weaponized with military efficiency.” He also praised Europe’s GDPR data privacy regulations, claiming, “It is time for the rest of the world, including my home country, to follow your lead.”
The tech giant’s CEO wants a GDPR for the rest of the world, and he’s not alone. Similar data privacy laws are already being implemented outside the EU. In June, California enacted the Consumer Privacy Act and is in the process of implementing a more comprehensive data protection regulation. Additionally, according to the article, there are at least three bills floating around Congress that address data privacy, and Washington lawmakers and lobbyists expect the issue to be a major focus of policy discussions over the next year. As a result, we could be seeing some monumental changes to our privacy laws in record time.
This is no surprise to us here at Bridgepoint Consulting, as we have been keeping a close eye on the ongoing developments around GDPR, and the potential impact this new regulation will have on businesses now and into the near future.
Our advice: The reality is that GDPR compliance is inevitable. If you are currently subject to GDPR, now is the time to take action. This regulation doesn’t only affect your organization’s privacy policy; it affects everything from your technology architecture to business processes and overall company strategy. And if your clients are subject to GDPR, you’ll need to get into compliance or risk losing their business.
However, if your organization is not affected now, you will most likely fall under similar regulation in the future, due to the probability of a federal law here in the U.S. Addressing compliance is an ongoing, everyday process—one that involves everyone from senior management to your most junior staff, and that requires some significant digital heavy lifting. It is only a matter of time before data protection laws are in place in the U.S.
BRINGING IT ALL TOGETHER
Complying with data protection regulations such as GDPR is a multi-step, comprehensive effort that requires a fundamental shift in how companies do business. By embracing this effort with a positive attitude and a focus on improving current systems, you can also reap rewards far greater than compliance, including better relationships with your customers and a clearer understanding of their data. However counter-intuitive it may seem, those with the most work to do on GDPR actually stand to make the greatest gains. If you handle customer data with integrity, you can build trust with existing customers and attract new ones.
HOW WE CAN HELP
If you are unsure how to achieve full compliance, our seasoned team of GDPR experts can help. Bridgepoint can guide your organization through each step of the process, from data mapping to developing and executing your action plan.
Vicki Humphrey is a Director in the Cloud Solutions practice at Bridgepoint Consulting. She has over 20 years of experience managing Cybersecurity and IT compliance projects as well as IT strategy and system development projects.