The General Data Protection Regulation (GDPR) goes into effect in roughly one year, yet many multi-national companies are still behind in preparing for compliance. This sweeping regulation requires organizations to meet stringent data protection requirements over personal data of EU citizens and for the first time, also impacts companies that are based outside of Europe. GDPR defines personal data as any information related to an individual, which can include things like physical address, email address, IP addresses, age, gender, GPS location, health information, search queries, items purchased, etc.
Many companies today freely harvest and commercialize this information. GDPR preparedness involves cross-departmental work involving privacy, security, legal, IT, compliance, outside counsel and other stakeholders. With just a year remaining to put compliance programs in place, corporations need actionable and efficient strategies to effectively prepare.
