GDPR: General Data Protection Regulation and Your Business

Data collection, processing, and protection are all factors that ensure the livelihood of a business. If a business fails in any of these areas, it could prove detrimental. Protecting your customer’s personal data is an extremely important topic that is getting a lot of attention in the media. During the past year, the EU has been working on changes to the GDPR. It was finally announced to the public the list of changes that the European Union has created for the General Data Protection Regulation (GDPR). These modifications are scheduled to go into affect on May 25th, 2018. We would like to share some quick information regarding the GDPR and how the changes may impact your business.

The General Data Protection Regulation (GDPR) was adopted by the European Union in 2016. This regulation introduces new obligations to data processors and data controllers, including businesses in the United States. The main purpose of the GDPR is to bring harmonization in regulations pertaining to data privacy. This regulation affects many industries, particularly financial services or businesses that hold a lot of personal data.  Under the new regulation, businesses will need to become fully compliant by collecting explicit consent from customers to collect data for specific purposes, as well as the right for individuals to request details of information held and data deleted. This means that businesses will need to ensure they have effective policies and procedures in place, carry out assessments, and designate a Data Protection Officer to meet these requirements.

The new regulations imparted by the GDPR are very strict, therefore it is requiring a lot of American companies to restructure the way that data is handled if they do business in the EU. The GDPR will also apply to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU, where the activities relate to: offering goods or services to EU citizens (irrespective of whether payment is required) and the monitoring of behavior that takes place within the EU. Non-EU businesses processing the data of EU citizens will also have to appoint a representative in the EU. The first step to complying, a business must analyze whether the GDPR impacts them and if they will need to make any changes to comply. Remember to consider systems that store customer data in marketing, research, customer service, and support. It is extremely important to know where your data is located. To comply with the GDPR, a business will need to develop and establish procedures that manage how data breaches and client information is handled.

Steps to Implement GDPR:

  1. Receive consent from customer’s to use their information (example: ‘opt in consent form’)
  2. Keep customer personal data accurate, secure, and up to date
  3. Establish a plan to delete out of date data
  4. Educate your staff on the appropriate uses for customer data
  5. Provide a point of contact (Data Protection Officer) and procedures to follow if data is violated
  6. Update your business website or email campaign software to include your Privacy Policy and Terms of Service
  7. Contact a technology consultant to ensure all steps are implemented properly to comply with GDPR

Customer data collection, processing, and protection are all factors that are affected by the GDPR. If you have questions or are looking for assistance understanding the GDPR and how it affects your business, please contact the staff at KerberRose Technology Inc. Our team can help you align your technology solutions with your business objectives and operational requirements. We work to ensure that technology improves the business performance for our clients and streamlines processes. Our services begin with planning and identifying requirements. We then work with system design and implementation.

For more information on KerberRose Technology Inc. or to schedule a consultation, contact Lucas Koenig at (715) 526-9400 or email

Lucas Koenig

About the Author

Lucas Koenig

Comments are closed.

From The Blog