In a short two months, the European Unions General Data Protection Regulation will take effect. The deadline for compliance is May 25, 2018. The GDPR significantly expands the jurisdiction of the EUs data privacy framework to companies processing or controlling the personal data of employees or other individuals residing in the EU regardless of the companys location. The GDPR covers companies if it falls under one of the following tests: establishment, goods and services or monitoring. Among other heightened requirements and obligations, if a company is covered under the GDPR, it will be subject to stricter rules on obtaining employee consent to process and share personal data; it may have to appoint a data protection officer; and its employees will have greater rights with respect to access and control of their personal data.
