Europe’s New Privacy Rules Could Be Coming to Your Country

May 25 marked the deadline for companies to get in compliance with the General Data Protection Regulation (GDPR), an EU law that requires beefed-up data security for all companies that “process” the data of EU citizens (“processing” can mean anything from storing birthdays and past places of work to archiving emails and more).

The law applies not only to companies that count EU citizens among their customers but also to those who employ EU citizens. After all, there’s no more sensitive personal identifying data than what’s in an HR file.

Whether you were scrambling to get compliant before May 25 or blissfully unimpacted by GDPR, it’s worth paying attention to the new law. In all likelihood, it will be a trendsetter, meaning that companies (and especially HR departments) should expect data security requirements from all countries to ramp up from here.

Increased data scrutiny in the U.S.

In the U.S., increased enforcement standards for employers of foreign national workers have been in effect for more than a year now. Aimed at minimizing fraud associated with certain non-immigrant visas (notably the H-1B), these measures mean U.S. employers must be more vigilant than ever about securely storing relevant paperwork for foreign national workers: that data now needs to be both easily accessible in the event of a site audit and stored so that it meets existing security protocol.

Those security protocols are different, in requirements and strictness, for every country – and they’re all subject to change. It’s a lot for an HR department to keep track of, even if your company only has employees from two or three countries.

The stakes for getting everything right are high, too: Noncompliance could lead to fines, business interruption, and even ejection from a country (for your business or for an employee).

Preparing for tomorrow

The good news is that there are concrete steps you can take to ensure your business is ready to adjust to whatever new data security requirements become law in the coming years:

Article Continues Below

Evaluate your current data security: You can bring on a data protection officer, hire a consultant, or build an in-house team (IT, HR, legal, etc.) to do this. The goal is to get a sense of where your company currently stands on data security.

Map out a plan: Once you know where your company is today, create a plan that will improve your data security systems and practices so that you’re ready to comply with new GDPR-like laws that pass in the near future.

Choose the right tools: In our annual Immigration Trends survey, we found that 62% of employers are using technology this year to increase data security, and 48% are investing in tech platforms specifically to support the immigration process. As laws become stricter around the world, managing data security for employees from various countries will only become more complex. A tech platform that supports your efforts will be essential for staying in compliance and avoiding fines and penalties.

While improving data security at the enterprise level is a major undertaking regardless of your company’s current practices, doing it sooner rather than later will ultimately save you time and money, especially as you manage (or build) your international workforce.

Mahi Inampudi is the vice president of product and technology at Envoy. He is a proven leader with more than 15 years of experience developing disruptive technologies for fast-growing software companies. Prior to joining Envoy, Inampudi held the same position at DRIVIN, a data and technology company that is helping redefine how automotive dealers source and acquire used vehicles. He oversaw a number of product launches during his tenure, many of which were first of their kind. Previously, Inampudi was head of technology at In that role, he led the web, data, analytics and DevOps teams. He was also responsible for the re-build of the web site, data integration and infrastructure following its acquisition by CoStar Group. Inampudi received a master’s degree in management from Liberty University and a bachelor’s degree in computer science from Bharati Vidyapeeth in India.

Having experienced the immigration process firsthand as an employee, employer and a family member for over a decade, the decision to join Envoy was a very personal one for Inampudi. He’s excited to be part of an organization that contributes to the greater good and enjoys playing an integral role in developing transparent and efficient technology solutions that allow businesses to easily manage their entire global workforce and continue to modernize the immigration process for HR, legal services providers and employees.