The European Union’s (EU’s) General Data Protection Regulation (GDPR) on data privacy went into effect on May 25, 2018. The law gives consumers more control over how their data is collected and requires companies to justify what they do with this information. It also gives companies guidelines on what they can and cannot do with personal data and requires them to be more clear about their data practices.
While GDPR is EU legislation, it impacts companies outside Europe, including U.S.-based businesses. Under GDPR, companies (including security solutions firms) will need to follow the law’s guidelines when collecting or using personal data, including names, contact information and images taken on security cameras. If your company deals with European individuals in any other country, it’s critical to ensure you are GDPR compliant to avoid penalties.
This resource, as part of SIA’s GDPR guidance, shares GDPR references for physical security and identity in the United States.