Robert Mills of Information Security Forum on Who Must Comply, and How to Prepare for the GDPR.


In North America, many organizations mistakenly believe the European Union’s General Data Protection Regulation won’t impact them, says Robert Mills of the Information Security Forum. “If they are multinational and holding EU data, it does apply to them,” he points out.

“This regulation has teeth. We’re talking about 4 percent of annual turnover [maximum penalty for noncompliance]. That is a big hit, for even a multinational. So organizations need to be looking at this now.”

In a video interview at Information Security Media Group’s recent Toronto Fraud and Breach Prevention Summit, Mills also discusses:

  • Who should take ownership of GDPR compliance preparation before enforcement begins next May;
  • What organizations should be doing now to prepare;
  • The implications of failing to comply with GDPR.

Mills is the regional director, U.S. and Canada, at the Information Security Forum.
