Managed cybersecurity service Bay Area

(510) 272-4701



Last Chance to Prepare for GDPR Compliance

Anne Bisagno


When the European Union's General Data Protection Regulation (GDPR) goes into effect on May 25, companies doing business in the EU will face a much higher bar for data security compliance. Here are some key requirements you need to know:


  • GDPR applies to all companies that process personal data of people who live in the EU, even if the company itself is outside the EU.
  • Data subjects must be given more information when their data is collected.
  • Both consent and explicit consent now require clear affirmative action, and individuals can revoke their consent to data processing at any time.
  • The minimum age for individuals whose data can be collected is rising from 13 to 16.
  • Organizations must delete data that is not being used for its original purpose.
  • Organizations have 72 hours to notify regulators of data breaches that pose a risk to data subjects.
  • There is a single national office for complaints.
  • Large data controllers must appoint a data protection officer.
  • Proven noncompliance carries a penalty of up to roughly $24.5 million, or 4% of total global annual turnover for the preceding financial year.

If you're still not ready to meet the GDPR's data privacy standards, contact us.

Ready to learn more? Get the latest Xantrion news and IT tips.


Like leading SF Bay Area based MSP Xantrion on Facebook Award-Winning Bay Area managed IT service provider Xantrion is on Linkedin Follow top Bay Area MSP Xantrion on Twitter