/ Services / GDPR Compliance
The European Union’s General Data Protection Regulation (GDPR) represents sweeping new legislation designed to protect data rights of EU residents. It affects every organization that interacts with an EU resident in any way, wherever that organization may be. Enforcement started in May of 2018, and fines for failure to be in GDPR compliance can be severe: €20 million or up to 4% of global revenues, whichever is greater.
By law, data subjects (defined as any EU resident) do not relinquish their rights to their personal data and can request this of any organization they have interacted with. In the US, there is a growing number of regulations that organizations should start to understand which are similar to the GDPR, these include:
Pomerol is actively working with organizations to help them plan for these regulations, perform information audits, train staff, as well as data mapping and overall strategic assessments.
Below are 10 things to do and consider when thinking about modeling a framework for GDPR Compliance: