In just a few more months on May 25th, The European Union General Data Protection Regulation (EU GDPR) will go into effect and put at risk every organization that processes data of EU citizens regardless of that organization’s size, industry, and location.
Fines for violations can be up to 4% of the company’s global turnover.
The European Commission defines personal data as, “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”
The intention of the new GDPR rule was to unify individual data rules across the European Union, especially regarding social networks. But corporations store all sorts of personal data about employees. Think of the HR feeds going into T&E tools like Concur or being sent over to global travel agencies. These will soon all be at risk.
This will result in substantial costs of implementation. So CFOs and CIOs should make sure they have planned these costs into the budgets.