K Royal is in the business of making sure companies are compliant with the European Union’s General Data Protection Regulation. As senior director of privacy at compliance and security company TrustArc Inc., she helps organizations bridge the gap between knowing they must fully follow the GDPR, and actually crossing the finish line.
“I’ve worked with startups to global companies who are established in every country,” Royal explained. “The most common factor was that the companies did not know what data they have and where it is stored.”
The GDPR, which came into effect on May 25, adds so many new requirements for companies that deal with European Union citizens’ personal data, that being able to locate it all is important. The law requires for instance, that companies report a breach to authorities within 72 hours and gives individuals the right to request data held on them and to have their data deleted. [continued]
Source: Dan Clark | The American Lawyer