What should American companies do in the meantime? A few things:
- Don’t panic and make decisions about where to host data based on the current situation. Events are fluid, so hold tight.
- Get model contracts in place, but prepare to demonstrate compliance with their provisions in a much more robust way in order to successfully weather DPA investigations prompted by citizen complaints.
- Prepare for a shorter grace period to implement the GDPR requirements in your European operations, just in case.
And, most importantly, move full-steam ahead bringing your American innovations and can-do attitude to the European market. Our shared future depends on it.
Jay Cline leads the privacy practice at PricewaterhouseCoopers LLP.
Sign up for CIO Asia eNewsletters.