Unless You Are Based in Europe
Some businesses are attempting to capitalize on confusion over just who the GDPR applies to…
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .
Several Clients have emailed a question to me this week (one even picked up that thing called a telephone, and called me): What are we supposed to do about GDPR? It turns out that several “multinational players” in the security market are using this European Union regulation to “scare up” new business. Their marketing people might want to read the regulation:
The critical part: “When the regulation does not apply: Your company is [a] service provider based outside the EU. It provides services to customers outside the EU. Its clients can use its services when they travel to other countries, including within the EU. Provided your company doesn’t specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.”
We interpret that to mean that even if you DO have customers who live in the EU, for most community based banks in Indiana, you do not have to comply.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex
Dan’s New Leaf is a fun blog to inspire thought in the area of IT Governance.
Leave a comment
The seven best trend articles in 2019 . . . For ISOs of small financial institutions. Read more
A new exploit involving Apple’s FaceTime is a reminder that our gadgets can be turned Read more
At its peak over 11,500 employees were ensnared in the email chain… An article review Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more