Comprehensive European Union privacy rules take effect for all industries in late May 2018. The change affects all verticals including bank cards. U.S. industries must examine their customer bases to ensure they are not at risk.
Mercator Advisory Group’s latest research report, General Data Protection Regulation: The European Union’s Cross-Industry Approach to Data Protection, summarizes the specifics of the EU’s new privacy rules and risks to U.S. businesses that do not prepare for the latest EU mandates.
“Unlike the revised Payment Services Directive (PSD2), which has only a partial influence on U.S. card markets, the General Data Protection Regulation can cause non-European markets regulatory fines,” comments Brian Riley, Director, Credit Advisory Services, at Mercator Advisory Group, the author of the research report. “Keep in mind that compliance with PCI does not mean your organization satisfies GDPR’s privacy and data breach requirements. If there is even one EU citizen in your credit file, you need to ensure compliance.”
This research report contains 19 pages and 7 exhibits.