For U.S. companies subject to the GDPR, figuring out breach notification obligations is about to get even harder as the GDPR adds another layer of complexity to the existing patchwork of 50 different state breach notification laws and several federal ones.

The GDPR will come into force on May 25, 2018, and it will apply to thousands of U.S. companies that use or store the personal data of individuals living in the EU.  Not only … Continue Reading