The proposed General Data Protection Regulation (GDPR) recently passed a key legislative hurdle in the European Union and enterprise compliance teams are watching carefully as the regulation nears expected adoption in early 2016.  Once passed, organizations doing business in the EU will have a two year grace period to become compliant with the regulation before facing steep fines for non-compliance.

Under the GDPR, the EU seeks to implement a single set of data privacy rules that apply across all EU member states.  It expands many of the provisions of the 1995 EU Data Protection Directive and applies to organizations who previously fell outside the scope of EU regulation due to their geographic location.  The GDPR includes notice and consent provisions similar to those found in the 1995 regulation with some enhancements, including disclosure of the retention time for personal information and parental consent requirements for children under the age of 13.

Read the full article: Minimizing Compliance Costs with GDPR on the Horizon

Published February 16, 2016 on SearchSecurity.com