While Google may be the first company to be subject to a multi-million dollar fine for GDPR (General Data Protection Regulation) non-compliance, it is highly unlikely that they will remain alone in this unenviable position.
In fact, over the past few months data protection authorities in a number of countries have confirmed they are actively investigating major non-compliance allegations made against a number of US companies, including Microsoft, Amazon, Twitter, Facebook, Oracle and Equifax to name just a few.
Looking at this list, you may be forgiven in thinking that the regulatory authorities are only interested in pursuing the large high profile enterprises, think again! There has already been a number of cases where GDPR related fines have been applied to organizations who considered themselves not at risk as they’re not a well known brand and have a low profile in the EU. These include a local hospital, a Chinese bike share company, a small marketing agency in the UK and an entrepreneur in Austria so no company is exempt.
In addition, many US organizations are unaware that you do not need to have a physical presence in Europe for GDPR regulations to apply. For example, if your customers receive web traffic from European visitors and this data is stored and tracked, GDPR still applies, regardless of whether they actively market their products to the European market or not.
In 2018 European data protection authorities received an estimated 57,000 complaints in relation to GDPR non-compliance and this figure is continually growing – can you be certain your customers are not amongst those complained about?
With this in mind, now is a good time to help your customers review their data privacy compliance plans, not just in terms of GDPR, but including individual state legislation and industry regulatory requirements which are continually being updated.
For more information on how organizations can ensure their print and document management processes are compliant with the requirements of GDPR, please download the IDC report on Meeting Data Privacy Compliance.
Download here