Are you GDPR ready? EU’s GDPR Regulation Could Fall on the U.S. Soon

Business colleagues in modern office using tablet.

EU’s General Data Protection Regulation (GDPR) has truly become a game-changer for today’s businesses. Up until now, this new regulation, which went into effect on May 25, 2018, only applied to organizations who collect and process EU resident’s personal data. However, a big change could be on the horizon, as the data privacy debate continues to gain more traction.

According to this Wall Street Journal article, in a speech during a privacy conference organized by the European Union this week, Apple’s CEO, Tim Cook, made the strongest call yet for a U.S.-wide data-protection regulation of individuals’ personal information, saying it has been “weaponized with military efficiency.” He also praised Europe’s GDPR data privacy regulations, claiming, “It is time for the rest of the world, including my home country, to follow your lead.”

The tech giant wants a GDPR for the rest of the world, and he’s not alone. Similar data privacy laws are already being implemented outside EU. In June, California enacted the Consumer Privacy Act, and is in the process of implementing a more comprehensive data protection regulation. Additionally, according to the article, there are at least three bills floating around Congress that address data privacy, and Washington lawmakers and lobbyists expect the issue to be a major focus of policy discussions over the next year. As a result, we could be seeing some monumental changes to our privacy laws in record time.

Related: Struggling with GDPR Compliance?

This is no surprise to us here at Bridgepoint Consulting, as we have been keeping a close eye on the ongoing developments around GDPR, and the potential impact this new regulation will have on businesses now and into the near future.

Our advice: The reality is that GDPR compliance is inevitable. If you are currently subject to GDPR, now is the time to take action. This regulation doesn’t only affect your organization’s privacy policy, it affects everything from your technology architecture to business processes and overall company strategy. And if your clients are subject to GDPR, you’ll need to get in compliance or risk losing their business.

However, if your organization is not affected now, you will most likely fall under similar regulation in the future, due to the probability of a federal law here in the U.S. Addressing compliance is an ongoing, everyday process—one that involves everyone from senior management to your most junior staff, and that requires some significant digital heavy lifting. It is only a matter of time before the data protection laws will be in place in the U.S.


Efforts to comply with the data protection regulations such as GDPR is a multi-step, comprehensive effort that requires a fundamental shift to how the companies do business. By embracing this effort with a positive attitude and a focus on improving current systems, you can also reap rewards far greater than compliance, including better relationships with your customers and a clearer understanding of their data. However counter-intuitive it may seem, those with the most work to do on GDPR actually stand to make the greatest gains. If you handle customer data with integrity, you can build trust with existing customers and attract new ones.


If you are unsure how to achieve full compliance, our seasoned team of GDPR experts can help. Bridgepoint can guide your organization through each step of the process, from data mapping to developing and executing your action plan.

You May Also Like: