Vistra content is developed by experts to increase your professional knowledge and lower your global operating risks.


Few laws have had greater reach than the EU’s General Data Protection Regulation, which went into effect last May. Any business that collects the data of EU citizens must comply, and in today’s digital world that includes virtually any multinational organisation, whether or not it has a physical presence in an EU country.


Virtually all multinationals are aware of Europe’s General Data Protection Regulation (GDPR), a sweeping law that has significant ramifications for HR departments. If you employ workers based in Europe, you need to know your GDPR-related obligations in detail to protect yourself from fines and reputational damage. Unfortunately for employers, the GDPR is not the only recent change to Europe’s employment landscape. Multinationals must respond to other ongoing legislative and cultural shifts if they hope to attract and retain talent and in some cases avoid penalties. These changes include those related to Brexit, flexible working hours, six-hour workdays, discrimination protections and more.


If your organization processes the personal data of EU citizens, you need to comply with the EU’s General Data Protection Regulation (GDPR), even if you don’t have a legal presence in an EU country. The GDPR comes into effect on May 25, 2018, and many companies are still scrambling to determine what they need to do to protect themselves from penalties, which can be substantial. This presentation provides information about the key concepts of the GDPR, and some essential policies and procedures you need to implement to lower your risks.