The General Data Protection Regulation (GDPR) has made itself known and important in the security world since its passing in 2018. With GDPR being a more recent law, there are some misconceptions around who it applies to, what it is, how it affects companies across the globe, and much more.
After numerous customer calls and questions around GDPR, we’ve picked some of the most common GDPR myths to dispel for you.
🚫GDPR is a security framework.
✅It’s technically a privacy regulation & the primary focus is ensuring that personal data is processed appropriately.
🚫GDPR doesn’t apply to companies outside of the EU.
✅It applies to any organization that processes/holds personal data of EU residents.
🚫GDPR only protects EU citizen data.
✅It protects both citizens and residents of the EU.
🚫GDPR doesn’t apply to small businesses.
✅It applies to businesses of all sizes.
🚫GDPR-like regulations will remain in Europe.
✅Similar regulations have already extended beyond European borders i.e. California (CCPA).