U.S. companies with global ties are required to comply with the European Union's (EU) General Data Protection Regulation (GDPR), which went into effect almost one year ago. Its purpose is to protect EU citizens from data-breach-related privacy violations.
Companies with a website or social media presence and an international customer base may be affected.
GDPR forces those who do business in the EU to subject themselves to a number of data governance requirements. There are new rights for individuals and new penalties for businesses.