By Shon Ramey …
There’s this thing called the General Data Protection Regulation or GDPR. Perhaps you’ve heard of it?
Few regulatory changes have inspired more anxiety or frenzied activity than the EU’s new privacy rules. Scheduled to go into effect this May – only about four months from now – the rules require just about any company that does business with European consumers to institute a laundry list of measures designed to protect any information that can be defined as “personal data.”
From a corporate general counsel’s perspective, this is huge. Under GDPR, privacy by design is the new norm, and to a certain extent we GCs are the designers.
What Do I Need to Do for GDPR in the Legal Department?
General counsel may not know a lot about server architecture or software engineering, but we do know all about assessing and controlling risk. And GDPR, with potential penalties running up to four percent of global revenue, presents a potentially crippling risk for companies that fail to get into compliance now.
IT’S MUCH BETTER TO HAVE THESE CONVERSATIONS INTERNALLY WITH YOUR COLLEAGUES IMPRESSING UPON THEM THAT COMPLIANCE ISN’T VOLUNTARY RATHER THAN A LATER CONVERSATION WITH YOUR BOARD ABOUT WHY EUROPEAN REGULATORS ARE PUTTING UP TO FOUR PERCENT OF YOUR ORGANIZATION’S GLOBAL REVENUE AT RISK.
Read full article here …