GDPR

What are the GDPR requirements?

Here’s how the General Data Protection Regulation (GDPR) will change how companies process, store and secure EU customer data.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Last April, the European Parliament adopted the General Data Protection Regulation (GDPR). It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU. Companies that do business in EU countries or process the personal data of EU citizens must be in compliance by May 25, 2018. (For more detail on what the GDPR means to U.S. businesses, see “General Data Protection Regulation (GDPR) requirements, deadlines and facts.”)

The provisions are consistent across all 28 EU member states, which means that companies have just one standard to meet within the EU. However, that standard is quite high and will require most companies to make a large investment to meet and to administer.

The GDPR contains 99 articles that define its requirements and rights granted to EU citizens, GDPR operations and structure, and penalties. The articles that will have the most significant impact on business are:

To continue reading this article register now