When the General Data Protection Regulation (GDPR) came into effect in May of 2018, many legal departments were confronted with the gravity of just how they were going to comply with such a wide-reaching law. If you have international customers (both direct to consumer or business to business), it is not hard to convince your general counsel that compliance with the GDPR is a must. You may even be able to get the chief technical officer (CTO) or chief operating officer (COO) onboard just by mentioning the steep fines—two to four percent of worldwide gross revenue. But how does the compliance message and method then trickle down to database administrators, product managers, software engineers, and enterprise architects? In order to get to the level of operational readiness companies strive for, it takes a village to facilitate moving the needle of regulatory compliance on any scale. In this Article I will chronicle what I have seen as building blocks in helping companies prepare for and execute on privacy initiatives.
Susy Mendoza, GDPR Compliance—It Takes a Village, 42 SEATTLE U. L. REV. 1155 (2019).
Civil Law Commons, Commercial Law Commons, Computer Law Commons, European Law Commons, International Law Commons, Internet Law Commons, Marketing Law Commons, Other Law Commons, Privacy Law Commons, Public Law and Legal Theory Commons, Science and Technology Law Commons, Torts Commons, Transnational Law Commons