To be honest, when I first saw the acronym GDPR showing up on sites and articles, I thought it was a typo related to information about East Germany (which used to be known as GDR at the Olympics) or Gross Domestic Products. It was only after a conversation with my brother, who works at a company that does business in Europe, did I realize that this is something not related to sport.
GDPR is the Global Data Protection Regulation, and it goes into effect on Friday. In vastly oversimplified terms, it is a data privacy rule that gives individuals more control over the personal data that is managed by companies and establishes strict requirements for how companies must manage and protect that information.
The law is only applicable to individuals who live within the European Union, but before you close this and go back to looking at cat memes, note that many companies are adopting the standard on a worldwide basis. It’s kind of like when one state has a really strict collection law and companies choose to apply that state’s requirements on their interactions in every state, to ensure compliance. You may have noticed privacy policy change notifications from companies like Apple, Google, and Facebook, for example.
That means any collection agency that needs to contact anyone living in the EU must comply with the GDPR. And it’s plausible to expect that financial services companies, like multi-national banks, may require their service providers to comply with GDPR, too.
The penalties for non-compliance are significant. Smaller companies can be fined up to $24 million.
This article talks about the implications for call centers, including collection agencies.
There are a lot of sites that outline what GDPR is and how it could impact companies here in the United States. It’s worth three or four minutes of your time to make sure you’re up to speed.