APAC companies “ill-prepared” for General Data Protection Regulation
Entered into force last May 2016 and enforced from the end of May 2018, the EU General Data Protection Regulation (‘GDPR’) imposes strict obligations for data controllers and processors involved in data processing activities in the EU. What often appears to remain unknown is the fact that the GDPR also addresses the export of personal data outside the EU.
Not very remarkable in that respect is today’s ZDNet.com report that nearly 90 percent of businesses in Asia-Pacific know little or nothing about the GDPR. ZDNet: “Another 93 percent did not have any plan in place for when the GDPR regime commenced from May 2018, according to survey findings released by Dell Technologies. Only 7 percent said they had a plan to prepare their organisation for the change.”
We have recently given quite some awareness in-house training courses at major APAC firms doing business in the EU. Interesting to see was that these companies all felt the urgent need to adapt to the new data protection rules with unprecedented attention and enthusiasm. Are you aware of the impact of the GDPR in your business and the significant fines for non-compliance? And moreover, are you prepared for data breaches and the strict notification obligations? As we often say it: “The data breach question is not if, but when…”
Please see to our one-page-summary of the GDPR and/or contact us for more information about our awareness training courses.