The General Data Protection Regulation is now, effectively, law. Businesses have 730 days from official publication (expected to be in June) to comply. It would be a mistake to think that this is just a European issue: it will affect every business throughout the world that holds or uses European personal data.
“The European Commission welcomes the final adoption of the new EU data protection rules by the European Parliament, following the adoption by the Council last Friday,” announced the European Commission on April 14.
The fundamental purpose of the regulation is threefold: to give the business world a level playing field across the whole of Europe; to force businesses to provide better security for European personal information; and to provide citizens with greater control over the use of their personal data. While it seeks to strengthen the security of personal data held within Europe, it also focuses on data that is exported from Europe to servers in other countries.
