A quick Google search will inform you that General Data Protection Regulation (GDPR) is a European Union (EU) regulation intended to strengthen and unify data protection for people within the EU.
Here's Why American Businesses Should Be Concerned About GDPR
Last week while I was in Barcelona attending SAP's Hybris conference, I attended a power panel that included Susan Etlinger, industry analyst for Altimeter Group (a division of Prophet), Dr. Alea Fairchild, on the Faculty of Economics and Business at KU Leuven University, Tim Walters, GDPR Advisor, and Paul Greenberg, founder and Managing Principal of the 56 Group. They made some very compelling arguments about GDPR's impact on businesses globally.
GDPR Will Change Data Protection ... Globally (Not Just in Europe). The first thing you need to understand is that while this regulation was developed in the EU, these regulations will impact any business that collects data in any way with customers in Europe. If you have an ecommerce site, for example, and allow your products or services to be purchased by someone in the EU, you will be held to this standard. Even if the bulk of your business is done in the US, the minute you collect data from someone in the EU, your data protection standard must adhere to GDPR. As Wired puts it, "Individuals, organizations, and companies that are either 'controllers' or 'processors' of personal data will be covered by the GDPR".
Walters took the time to go into further depth in his 90-minute GDPR podcast, and Dr. Fairchild will soon be publishing a white paper on GDPR. In fact, a quick Google search and you'll have no problem finding a ton of research and insights on the impact of GDPR on your business. It's just one of those things most businesses have successfully ignored but soon will be unable to disregard.
At SAP Hybris this year, it's clear that GDPR is not only an important topic for SAP itself, but for its many global customers. Preparing for 2018 enforcement of these new regulations has encouraged SAP to ensure that everything from its cloud architecture to its ecommerce offerings are compliant with GDPR.
The GDPR standard will likely begin with global companies such as Facebook and Google who profit from the customer data they collect and because they do regular business in the EU. GDPR will become a 2018 industry standard in the US shortly after it takes hold in Europe. Don't get blindsided in June of 2018 when your customers expect to control the data you collect about them.
The bottom line is that the EU has set a new standard in data protection and the companies that embrace these new standards will be well prepared for the coming shift in expectations that consumers will have with respect to their own data in 2018. If you're not already implementing these changes, you may be playing catch up on something that wasn't even on your radar screen.