The EU General Data Protection Regulation (GDPR) sets a new benchmark for privacy standards - and many organisations are adopting the European principles across their operations worldwide.
The GDPR will introduce new statutory requirements around data governance for EU companies and those targeting EU residents, including transparency, accountability and a greater acknowledgement of individual rights. Many of the principles reflect best data governance practices that are already being adopted by companies as part of their day-to-day risk management strategies, so adopting the GDPR as a global standard is a natural progression for some.
In other cases, the GDPR may force companies to bring about substantial process and policy change. Organisations that have so far failed to implement any meaningful data governance measures will face a significant upheaval to adopt all the necessary compliance mechanisms - but should benefit in the longer term through improved data management.
"As an EU regulation, GDPR creates important new rights specifically for individuals in the European Union," said Julie Brill, Microsoft's corporate vice president and deputy general counsel, in a statement. "But we believe GDPR establishes important principles that are relevant globally."