As you may know from our client alerts, the European Union has passed a new regulation, the EU General Data Protection Regulation (“GDPR”) that takes effect on May 25, 2018. It may apply to your company, and it will also apply to us at Foley Hoag.
It is causing a flurry of emails, asking message recipients to proactively opt-in to future correspondence. Many companies are taking this opportunity to contact everyone on their distribution lists to subscribe again or risk being removed from receiving future communications.
What is the GDPR?
The GDPR is, as its title indicates, a “general” regulation which applies to the collecting and processing of personal data of data subjects in the European Union by all kinds of entities in all activities. The GDPR replaces the EU Data Protection Directive 95/46/CE (“the Directive”). The purpose of these rules is to protect the personal data of individuals in the EU. The GDPR is presented as “an essential step to strengthen citizens’ fundamental rights in the digital age.”
If you have more interest in the GDPR, data privacy, or protecting your data assets
Our attorneys are well-versed regarding compliance with the GDPR and U.S. federal laws and regulations, including the FTC Act, the Computer Fraud & Abuse Act (CFAA), the Electronic Communications Privacy Act as amended by the U.S. PATRIOT Act, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Children’s Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA).
Foley Hoag’s Data Privacy & Security practice has deep experience in all of these areas, having advised a variety of organizations – from start-ups to Fortune 100 companies – for many years. We have helped clients draft policies, train personnel, defend against data breach claims, manage breach reporting and governmental investigations, and appropriate actions to take in response to unique privacy and security scenarios.