The cost of complying with the European Union’s General Data Protection Regulation might seem like something best deferred until it enters force in 2018 — but working on compliance just might boost profit, not reduce it.

The GDPR, the EU’s latest rewrite of its data privacy laws, doesn’t enter effect until May 25, 2018, but already IT companies are talking up their software and services for complying with the new rules.

It’s not just an issue for EU enterprises: Any company processing the personal information of EU citizens is affected.

What those companies can do with that information is more tightly controlled than before. Collection and processing of sensitive information is allowed only if the person concerned opts in, unless the information processing is necessary to fulfill a contract or to protect the person’s vital interests.

To read this article in full or to leave a comment, please click here