If you're a business or government organization in Texas that does any type of work with other entities or private individuals in the European Union, the GDPR is something that you absolutely have to concern yourself with whether you realize it or not. Also referred to as the General Data Protection Regulation, this addition to EU law governs "data protection and privacy for all individuals within the European Union."
The regulation itself will officially go into effect on May 25, 2018 after a two year transition period that began on April 27, 2016. Again, just because you're based primarily in Texas doesn't mean the GDPR will not affect you in any way - far from it. In fact, there are a number of essential things that you'll have to consider before the end of may officially arrives.
GDPR Compliance: Breaking It Down
The major way that the GDPR is likely to affect you can be summed up in a single word: security. As an organization operating in the digital age, security and protection from events like data breaches has always been a top priority. Under the new regulation, however, the actual definition of "personal information" has been expanded greatly. You and your security teams will now need to offer the same level of protection for anything event remotely identifiable - including a customer's IP address or even individual cookies - that you would for their name, their social security number, their EIN and more.
While the good news is that the GDPR now means that you have only one standard of digital security to meet when doing business with any of the 28 European Union members, this standard itself is incredibly high. It's also very broad, which means that regulators have a lot of room to work with when it comes to assessing fines for non-compliance.
At Cima Solutions Group, we've dedicated ourselves to helping all of our clients become compliant with the GDPR and other regulations through our Managed IT Services offering. If you'd like to find out more information about how we can help you become compliant so that you don't have to rebuild your European strategy from the ground up, or if you have any additional questions about the General Data Protection Regulation that you'd like to see answered, please reach out to us.