Europe’s new General Data Protection Regulation comes into effect today, regulating how companies can use personal data. The law reaches outside of Europe as well as into the staffing industry, and any company doing business in Europe.

“Staffing companies that recruit or supply staff from the EU, or that collect personal data relating to an identified or identifiable individual (data subjects) within the EU, must comply with the GDPR — regardless of where they themselves are based,” Fiona Coombe, SIA’s director of legal and regulatory research, wrote in an article in Staffing Industry Review magazine. The article is available free online.

Data protection authorities will be able to fine companies that do not comply with EU rules; in the most serious cases, such fines may reach €20 million, or 4% of their global annual revenue.

“Although this is the first major overhaul of EU data protection law in the internet-enabled age, many of the rules are consistent with previous legislation. What has changed is the emphasis on transparency and accountability, and putting individuals in control of their data,” Coombe said.

SIA members can also refer to the Implementing GDPR: A Guide.

Despite the deadline, Crowd Research Partners’ 2018 GDPR Compliance Report found only 7% of companies were on track to achieve GDPR compliance by today, with the majority citing lack of expert staff for their failure to comply with the newly implemented regulation.

Bloomberg reported some of America’s biggest newspapers and online services blocked people from accessing their products rather than comply with the regulation. The Los Angeles Times, the Chicago Tribune and The New York Daily News are just some telling visitors that, “Unfortunately, our website is currently unavailable in most European countries.”