GDPR – General Data
Is Your Business GDPR Compliant? Download Our Guide to the New European Privacy Laws
Recognizing Employee Data Privacy
Since May 25, 2018, companies with employees based within the European Union (EU) must be in full compliance with the EU General Data Protection Regulation (GDPR). The intent of the GDPR is to assure the privacy of EU residents and facilitate the appropriate use and secure transfer of personal data.
The GDPR enhanced the prior EU Data Protection Directive by better defining what constitutes personal data, adding breach notification requirements and significant penalties for non-compliance.
The penalties for non-compliance are severe, with fines for violations of up to 20 million Euros, or 4 percent of the company’s worldwide revenue, whichever is greater. For those companies in the US collecting or processing data of EU citizens, the former Safe Harbor privacy principals have been replaced with the EU-US Privacy Shield framework.