    Zasio Analyst Emphasizes Need for GDPR Compliance for U.S. Companies

    Aug 30, 2017

    Frank Fazzio, records analyst at Zasio Enterprises, offers the following information on the General Data Protection Regulation (GDPR):

    The clock is ticking on the European Union’s new privacy law, the General Data Protection Regulation (GDPR). We’re less than one year away from when the GDPR comes into force, May 25, 2018. This new regulation imposes sweeping privacy protection requirements on any entities that oversee personal data operations or process personal data in the EU. This has the potential to impact companies on an international scale. The new requirements come hand-in-hand with a set of stiff penalties for non-compliance, including fines that can soar to €20 million or 4% of a company’s annual gross revenue.

    Unfortunately, many U.S. companies with operations or personal data processing in Europe remain ill-prepared for full compliance. A recent survey of large U.S. companies revealed that although 94% retain personally identifiable information on EU citizens, as many as 40% have no plan for GDPR compliance.[1] As the deadline approaches, the pressure felt by compliance and IT professionals, records managers, and CIOs at these companies is sure to increase.

    Readying your company for compliance with the GDPR is a significant undertaking that requires substantial time and resources. But while the time remaining for preparation is dwindling, it is still not too late. If your company hasn’t formed a plan or taken concrete measures to comply, read how to take some modest steps to begin preparing your organization for the GDPR.

    Read the post in its entirety here.

    © 2017, ARMA International