In the current environment of increasingly aggressive malicious actors looking to infiltrate systems for monetary gain, protecting customer data remains at the top of every major corporation’s priority list. As software companies, we are stewards of that data and must ensure our processes and technology are designed correctly to maintain their trust and comply with the regulations set forth in the countries in which we operate—you can never do enough security.
Data privacy rules in the U.S. differ from those in the EU. In the US, we have a patchwork of legislation to protect customer data and ensure privacy, including the United States Privacy Act, Safe Harbor Act and HIPAA, which most American CIOs are aware of. The EU, on the contrary, has recently approved centralized, formal rules to apply across its member countries, the General Data Protection Regulation (GDPR), which go into effect on May 25, 2018.