Inside the Law: GDPR: What business owners need to know

June 07, 2018 - 3:30 am

By Amy E. Feldman, Judge Technology Solutions

PHILADELPHIA (KYW Newsradio) -- What’s GDPR? Your business is about to find out the hard way.

If you’re vaguely aware of the GDPR and think it’s got something to do with Europe, you’re partially right. It’s a regulation that’s also got to do with any business in the U.S. that offers goods and services to people in the European Union, or that collects, processes, or stores data tied to EU citizens. 

And in case you’re thinking you’re too small to deal with it, think again. 

If you sell a single item to a customer in Europe, by virtue of collecting payment information, you become subject to the GDPR, the General Data Protection Regulation, which just went into effect May 25.

Even if you don’t do business in Europe, if your clients do, they may require you to sign a statement saying you’re compliant with the law, which requires companies to designate a data protection officer, implement compliant vendor contracts with third parties and establish an ongoing compliance monitoring system for personal data.

The penalties for noncompliance are huge: up to $25 million or four percent of a company’s global revenue, whichever is greater.

So, don’t sign agreements regarding compliance until you understand your obligations. And research the gosh darned petrifying reality that is your obligation under the GDPR.