Unless You Are Based in Europe
Some businesses are attempting to capitalize on confusion over just who the GDPR applies to…
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .
Several Clients have emailed a question to me this week (one even picked up that thing called a telephone, and called me): What are we supposed to do about GDPR? It turns out that several “multinational players” in the security market are using this European Union regulation to “scare up” new business. Their marketing people might want to read the regulation:
The critical part: “When the regulation does not apply: Your company is [a] service provider based outside the EU. It provides services to customers outside the EU. Its clients can use its services when they travel to other countries, including within the EU. Provided your company doesn’t specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.”
We interpret that to mean that even if you DO have customers who live in the EU, for most community based banks in Indiana, you do not have to comply.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex
Dan’s New Leaf is a fun blog to inspire thought in the area of IT Governance.
One Response to “Unless You Are Based in Europe”
Leave a comment
Voice assistants can be helpful, but their “always on” functionality can leave you vu Read more
Previously thought to be designed to deliver a DDoS attack, VPNFilter can alter data Read more
Getting a message to the user is one thing, having them see it is another… An article Read more
US Cyber Command joins with the FS-ISAC to share threat intelligence… An article revi Read more