The EU's new data protection law will apply to companies across the globe
The General Data Protection Regulation (GDPR) is fast approaching and organisations will need to be compliant by 25 May 2018.
Europe has a plethora of different data protection regimes in each EU country. Organisations have to deal with many different sets of rules depending on where they setup their business and sell their products or services.
The GDPR will harmonise data protection laws across the EU. But this will also apply to organisations across the world. Any company that processes personal data about EU citizens whether they reside in the EU or elsewhere in the world will need to abide by the GDPR.
European companies are still wrestling with how they are going to be compliant with the law in less than a year. Companies from other parts of the world may not have even heard of the GDPR, and therefore might not be aware of the possible impact upon them.
As citizens from EU countries do business and exchange data with companies across the globe, the GDPR is something that international companies outside the EU need to plan for. Failing to do this could seriously hinder their ability to market and sell their products and services in the EU.
According to a global study by Veritas: 56% of respondents in Singapore, 37% in the US and more than 60% in Japan and South Korea, are worried they will be unable to meet the May 2018 deadline for compliance.
More than 90% of organisations in Singapore are concerned by the potential business disruption from GDPR. Around 20% fear that their company may go out of business as a result. Alarming figures for foreign companies that do business in the EU.
One positive for international companies is that the GDPR is the gold standard of data protection law. If an organisations complies with the GDPR then it will more than likely easily comply with virtually all data protection laws around the world.
The GDPR represents a shift across the world towards a culture of safeguarding personal data, especially considering the global reach of the legislation.
It is imperative that organisations that offer goods and services to EU citizens, and that process their personal data are compliant with the GDPR. There are only 335 days until the GDPR comes into force.