Unless You Are Based in Europe
Some businesses are attempting to capitalize on confusion over just who the GDPR applies to…
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .
Several Clients have emailed a question to me this week (one even picked up that thing called a telephone, and called me): What are we supposed to do about GDPR? It turns out that several “multinational players” in the security market are using this European Union regulation to “scare up” new business. Their marketing people might want to read the regulation:
The critical part: “When the regulation does not apply: Your company is [a] service provider based outside the EU. It provides services to customers outside the EU. Its clients can use its services when they travel to other countries, including within the EU. Provided your company doesn’t specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.”
We interpret that to mean that even if you DO have customers who live in the EU, for most community based banks in Indiana, you do not have to comply.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex
Dan’s New Leaf is a fun blog to inspire thought in the area of IT Governance.
A Webinar Back by popular demand! Based on what Dan is finding in reviews of several
While we’re not a news service, we often use current events to comment on trends and
Welcome IBA Forum attendees! Looking to set up your own program for people to work fr
A short. This presentation is intended for those who are planning to participate in a
An Update to the FFIEC Outsourced Cloud Computing Document In April 2020, the FFIEC r