Many middle market companies are unaware of the impending May 25 deadline to comply with the European Union's (EU) General Data Protection Regulation, better known as GDPR. The EU passed GDPR two years ago to provide enhanced privacy and data protections for its citizens, and beginning May 25, 2018, companies that process personal data of EU residents are subject to GDPR - including those based in the US. The ensuing fines for non-compliance with GDPR can be up to 20 million Euros ($24 Million USD), or 4% of the company's worldwide annual revenue.
Although personal privacy has been an important topic in the EU since the 1990s, privacy has not been a priority for most US-based businesses. Accordingly, GDPR represents a new set of privacy requirements that many IT shops in the US have never dealt with before.
It may have been feasible for US businesses to largely ignore GDPR since its requirements apply only to EU citizens. However, Facebook's recent Cambridge Analytica debacle, where a political data firm inappropriately utilized over 50 million Facebook accounts, may dramatically speed up the arrival of similar privacy regulations here in the US. Even if your company is not subject to GDPR, UHY experts believe it won't be long before similar legislation arrives in the US. Address privacy in your business now by integrating privacy leading practices to create competitive advantage.
What Does GDPR Require?
Are You Prepared?
With the deadline looming, there is an immediate need for organizations to review and adjust their data privacy and protection programs. To build an effective GDPR roadmap, start with the following questions:
How Can UHY Help?
UHY is finding many middle market companies are unaware of GDPR's requirements and may not have the compliance and legal resources needed to implement a plan. The cybersecurity and privacy experts at UHY Advisors can assist organizations by:
Tackling GDPR requires the right combination of modifications to business processes and supporting technology. Don't wait to address your GDPR compliance requirements; for more information contact UHY Advisors at one of our many locations.