Let’s say your business operates in the U.S. or elsewhere outside of the EU. However, you aren’t doing business in Europe, so you figure the new General Data Protection Regulation (GDPR) doesn’t apply to you. Maybe so, but consider the following:
- Are any software vendors in your tech stack that collect user data in any form based in Europe?
- Are any of your vendors warehousing data in Europe? Even just one of several data centers applies. Be careful here, thanks to the cloud, even U.S.-based companies may have distributed data centers in places you wouldn’t expect.
- Do partners you work with engage in business in the EU?
- Global organizations are beginning to apply GDPR-based practices and policies worldwide because it’s easier to manage a single standard based on the strictest requirements. How might these changes affect you?
Here are a few recommendations that will help any business:
- Complete an audit of your digital services to make sure your tech stack list is complete. Sometimes, old code remains installed on web pages! That code may still be operating and collecting data and though you may not be aware of it, it’s slowing you down and isn’t contributing anything helpful.
- Confirm your vendors are GDPR-compliant. Check their websites. Having a GDPR statement of compliance means you should be safe.
- Review your site’s data use policy. If it’s been a while, it can’t hurt to make sure your site’s legal policy is up to date with your current data practices.
- Take a hard look at where you store your data. If cloud-based, your company’s own data storage may include data centers located in the EU.
- Consider how the ripple effect may impact you. If the U.S. adopts similar privacy regulation, will your company be ready?
Taking the time to consider the impact, conducting an audit, removing old tools and tightening data management processes is ultimately worth it. If nothing else, you’ll be in a position to assure your customers and prospects you are proactively taking steps to manage their rights which can only help your brand.