The General Data Protection Regulation (GDPR) is the primary law regulating how companies protect EU residents’ personal data. Any association – and association vendor or partner – that handles an EU resident’s data must comply with these new standards, even if the association is not based in Europe. GDPR was approved by the EU Parliament on April 14, 2016 and goes into effect on May 25, 2018. Organizations that operate outside the rules of compliance after May 25 can face heavy fines: up to 4 percent of annual global turnover or $20 million, whichever is greater. Read the full Association Adviser article here.
H/t to Naylor's Association Adviser feature, April 20, 2018