GDPR Compliance: Special Challenges for Small and Medium-Sized Organizations

The EU’s General Data Protection Regulations (GDPR) came into effect on May 25, and companies collecting and maintaining even limited data about residents of the EU must comply. A U.S.-based company conducting only 5 percent of its business with European customers is still obligated to follow GDPR rules. But GDPR requirements are challenging to meet, and because smaller companies may have limited resources they risk falling short of requirements and facing the law’s serious sanctions of up to 4% of global revenue. But there are steps small and medium-sized enterprises can take to comply and limit their exposure to regulatory sanctions. What’s the Challenge for Small and Medium-sized…

READ MORE

Sequel Announces PrivacyMinder™ Platform

I am pleased to announce the launch of PrivacyMinder™, a new tool Sequel Technology & IP Law is offering to help you comply with data protection laws. PrivacyMinder brings together our deep experience in client counseling with the benefits of easy-to-use technology, a suite of educational videos, and a robust template database. PrivacyMinder is specially designed to meet the needs of companies that do not have the benefit of a compliance staff or legal counsel skilled in this area. PrivacyMinder was originally designed to assist companies in meeting the requirements of new laws like the EU’s General Data Protection Regulation. But it does more: PrivacyMinder helps you understand…

READ MORE

Massive Campaign To Inform EU Citizens about Their Data Rights Is Coming: Plan To Respond to an Informed & Active Citizenry

Companies collecting data from European citizens take note: a “massive” campaign has just been announced to inform consumers about their new rights under the General Data Protection Regulation (GDPR). The goal of the initiative is to better inform individuals about the rights afforded them by the new regulation that comes fully into effect in May 2018. While companies prepare to comply, it is clear that the lead commissioner charged with overhauling data protection laws – Věra Jourová, Commissioner for Justice, Consumers and Gender Equality — intends to ensure that data protection reform is thoroughly and meaningfully implemented. As part of that enormous task, she begins by ensuring that…

READ MORE

The Genesis for Achieved Compliance & PrivacyMinder™

I admit that, for many years I’d been skeptical about privacy and data protection regulation as too prescriptive and intrusive – as making too many demands on those who don’t have the benefit of extensive compliance staffs and well-funded resources. But after working with clients – companies like yours – I now am convinced that data protection and responsible data management are critical not only to legal compliance, but to business success. I believe that companies that take the steps necessary to meet the requirements of regulations like the General Data Protection Regulation (GDPR), the expectations of the U.S. Federal Trade Commission, or agreements like the Privacy Shield…

READ MORE

Non-Compliance with EU Law Is Still Not an Option

U.S companies hoping to avoid compliance with the requirements of EU law may want to think twice. It’s really time to get on with it. Despite early rhetoric from the Trump Administration, discussions between the U.S. Department of Commerce and the EU Commission last week indicate that the best course for businesses involving data about EU citizens is to take the steps necessary to comply. U.S. officials sent a clear message that they stand behind the commitments of their predecessors to promote compliance by U.S. businesses, at least with respect to the Privacy Shield. This likely reflects a broader U.S. government position that is pro-compliance. EU Justice Commissioner…

READ MORE