The new European Union General Data Protection Regulation (GDPR) took effect on Friday, May 25, 2018, but many companies are still hard at work becoming compliant with this broad and stringent regulatory scheme governing privacy and data security. This new law reaches companies located in the United States who process any information (personal data) of identified or identifiable natural persons (data subjects) located in the European Economic Area (EEA), and regulates how, when and what security measures apply to the processing of that personal data by businesses. Not only might GDPR compliance be legally necessary, it also fosters good business practices and facilitates business growth by opening doors with potential business partners.
Although there is no silver-bullet for GDPR compliance, once you have concluded that you might have this type of data making its way through your systems, these are the types of tasks a company can expect to undertake as it seeks to become compliant. Just remember: MAP DATA, DOORS O(PEN). To see the specific tasks, read the full article by Ryan Perry, The Process of GDPR Compliance: MAP DATA, DOORS O(PEN).