Why would US company consider GDPR?
Most businesses today, especially innovative ones, collect and process personal data.
GDPR is the EU regulation requiring organisations who provide services or process personal data in the EU to comply with its requirements regardless of the organization’s location. Hence, US company has to become GDPR compliant even their services are provided online without physical presence in the EU. Such companies have to comply with both, the US and the EU privacy regulation.
Complying with both regulations is challenging requirement as EU has different approach to human rights compared to the US regulation.
To enable US businesses benefit of the extensive experience we have in helping organisations face new privacy regulation and avoid costly mistakes, Ostendo Consulting established its US subsiduary.
Our team has extensive experience with both, the US and the EU privacy regulation.
To help our clients simultaneously deal with multiple privacy requirements, we specialized in designing and implementing personal data management systems – comprehensive combinations of organisational structures, deployed responsibilities, organisational and technical controls designed to perfectly fit into the organisation and merge with existing risk and compliance management processes.
Multidisciplinary team consisted of experienced legal and information security experts has extensive experience in GDPR implementation for organizations of various sizes doing business in number of industries.