This is a guest blog post from Revelwood’s summer IT Policy Intern, Emily Kanter.
The General Data Protection Regulation (GDPR) is Europe’s new and improved data security legislation. It’s a complex 88-page document, comprised of 99 articles and 173 recitals (principles and intentions). While the GDPR gives individuals security to be more forthcoming with their information, it has definitely proved to be a bit of a headache for Revelwood and companies like Revelwood.
As the IT Policy Intern at Revelwood this summer, my job centered around the research of the GDPR and the individual intricacies that we must comply with. So, for about two and a half months, I dissected every part of the 88-page document and created materials to help ensure that Revelwood is GDPR compliant. I revised Revelwood’s IT Policies to abide by the GDPR, and I began the process of creating educational materials (procedural documents and an education program) so that all Revelwoodians would be aware of their responsibilities to be GDPR compliant.
At this point, I am sure you are wondering why you should care about the GDPR and why my work matters to you.
Let’s start with why you should care. Ensuring that you are GDPR compliant takes a lot of time, and it is both necessary and completely worth it to take the time, whether it be weeks or months, to research and to educate yourself. While the GDPR is based in Europe, its effects span globally. No matter where a company is, if it has clients in Europe or even prospects in Europe, it must be GDPR compliant. For example, if your company processes any information from European clients and your company is not GDPR compliant, it is subject to some hefty fees and potential lawsuits. So, while it may take a few weeks or months, it is worth it to ensure your company is GDPR compliant.
And lastly, why should my work matter to you? At Revelwood, we are committed to our Core Values, with one being “Do the Right Thing.” While we do not directly work with clients in Europe, there is a possibility our current clients process information from EU citizens. If we overlooked the GDPR and decided to address these issues when the time came, we would not be doing the right thing. At Revelwood, we stick by our Core Values, and to do just that, we abide by the GDPR.