FileTrail logo

What is GDPR?

Starting May 25, 2018, organisations that collect and store data on citizens in European Union (EU) countries must begin complying with strict new rules around protecting customer data. The General Data Protection Regulation (GDPR) applies to all organisations – regardless of their location – if they’re processing or storing personal data of EU data subjects.

Here are some quick facts about GDPR:

Objective:

Give individuals control of personal data

Regulatory consistency across the EU

Impact:

Covers personal data collected in the EU, regardless of the location of the collector.

Applies to US-based companies doing business in the EU

Fines are significant – up to 4% of global revenue

Rights of PII owners:

To be informed

To have access

To correct

To erase

To restrict processing

To have portability

To object

Biggest concerns for organisations about GDPR*:

21% – high penalties lead to workforce reduction

19% – negative media causes loss of customers

18% – high penalties lead to end of business

12% – negative media reduces brand value

8% – shareholder lawsuits

8% – loss of market share

*(Source, Veritas poll, 2017)

FileTrail logo
The leader in information governance for highly regulated markets throughout North America, the UK and Europe.