(March, 2018) Companies that conduct business in the European Union should be aware of the General Data Protection Regulation (GDPR), which concerns the protection of personal data and the free movement of this data. Passed in 2016, GDPR takes effect on May 25, 2018. From that date, organizations have less than ten months to comply.
The new GDPR regulation has many aspects but one of the most important is obtaining proper consent from data subjects. Other elements of the regulation include data accuracy, minimization, integrity, and accountability. The controller of this data bears the responsibility to prove to the relevant supervisory authority that all regulations are followed - penalties for non-compliance can be significant.
