Steven Buchwald Discusses How Small Businesses Should Prepare For GDPR

Share Article

Steven Buchwald of Buchwald & Associates today offered his thoughts on the European Union’s General Data Protection Regulation in regards to how it will impact the small business space.

News Image
One misconception I’ve seen around GDPR is that businesses that don’t operate in the European Union don’t really need to pay attention to it.

Steven Buchwald of Buchwald & Associates today offered his thoughts on the European Union’s General Data Protection Regulation in regards to how it will impact the small business space.

Set to come into effect in May 2018, GDPR is a directive designed to update data privacy regulation across the EU. It applies broader protections to citizens of the region and increasing the penalties for noncompliance. One of GDPR’s most frequently-discussed articles is the right to erasure, which stipulates that a company must, at a citizen’s request, delete all personal data from their servers.

“One misconception I’ve seen around GDPR is that businesses that don’t operate in the European Union don’t really need to pay attention to it,” explains Buchwald. “This is especially prevalent with small businesses, who may not yet have a global client base to draw upon.”

This idea, Buchwald says, is dangerous for several reasons. Firstly, GDPR does not distinguish between an overseas business and one based in the EU - which means that if a startup acquires an EU-based customer, the regulation applies to that customer’s data. Second, Buchwald feels GDPR may only be the start.

“Governments are paying more attention to data security and protection than ever,” Buchwald says. “It seems likely to me that other governments and regulatory agencies may soon follow GDPR’s lead. It’s better to prepare for that event before it happens, rather than after.”

Finally, Buchwald notes that most of the regulations in GDPR require only that a business engage in good security practices and data hygiene.

“Any startup that keeps their data organized, controlled, and secure should have no issues complying with GDPR - or any other data protection regulation, for that matter,” Buchwald explains. “I’d advise any business owner that has doubts about data fidelity and security to hire a data protection officer - even if it’s a temporary position.”

Buchwald also advises using a collaboration tool that allows IT to control how files are shared and used, educating staff on proper security practices, and maintaining automated, offsite backups.

For his part, Buchwald says that he will continue doing everything he can to help entrepreneurs navigate the oft-complex measures involved in founding a startup - whether that involves compliance with GDPR or anything beyond.

“Regulations like GDPR can be intimidating at first,” says Buchwald. “But with the right approach and the right information, compliance is within reach.”

About Buchwald & Associates
Buchwald & Associates is a full-service law firm with deep tech startup expertise. The firm is managed by Steven Buchwald, a leading startup attorney, helping entrepreneurs navigate through the company formation and fund raising stages, as well as day-to-day issues like drafting and negotiating contracts. Featured in multiple publications such as TechCrunch, Inc. and Forbes, Steven Buchwald is one of the leading legal authorities for business professionals, particularly entrepreneurs and investors.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Steven Buchwald
Follow us on
Visit website