In an effort to centralize data protection across its 28 Member States, the EU wishes to mandate the General Data Protection Regulation (GDPR) as early as 2017. The GDPR is a proposed law that will apply to personal identifiable data collected from its residents.
The GDPR will regulate what data can be collected, how it can be collected, and what can be done with it. It will also determine what organizations must do to protect personal data and set legal/financial penalties for organizations that fail to comply.
It’s expected that MR companies in the EU will be affected by the law if it passes, despite the feeling that the law targets organizations who are less responsible with data collection and handling. Financial effects to MR firms will likely include the need to hire new staff to monitor data protection and implement regular processes that obtain legal authorization to collect data.
We’ll keep an eye on this news and clearly advise our European clients as the story progresses.