I am an IT Director at a small company here in Pennsylvania. I was browsing Twitter TM a couple of days ago and saw several references to GDPR, the General Data Protection Regulation. Apparently, it is some onerous requirement about European resident privacy. I mentioned it to our CEO, but she told me not to worry about it as don’t do business in Europe. Is that right?
Apparently, I have been hiding under a rock for quite a while and I just realized that GDPR is coming out this Friday! Is there anything I can do between now and then?
There are two solid things you can do before GDPR comes into effect on Friday, May 25th, 2018. The first is to recognize that you have a problem. Guess what? You’ve already done that! Congrats, take the rest of the day off… Just kidding. The first step I would take and in keeping with the intent of GDPR is working to identify the EU personal data that you possess and then protecting it. Doing that will likely keep you in good stead as you work to implement the rest of it over the near future.
Have fun storming the castle!