SYS-CON MEDIA Authors: Doug Masi, Mat Mathews, Newswire, David Smith, Tim Crawford

News Feed Item

European Parliament Data Protection Regulation Vote Means U.S. Firms Must Comply

Today’s overwhelming vote by the European Parliament regarding the data protection Regulation puts a chilling effect on the ability of U.S. companies to transmit or receive physical or electronic data from the European Union. Strict requirements can be met by CSR services that help customers conduct complete reviews, including gap analytics, of the life cycle of the data of customers, employees and vendors processed in their organizations.

European Union data protection reform is now “irreversible,” according to Viviane Reding, the EU's Justice Commissioner. Pillar Two of the Regulation states, “non-European companies will have to stick to European data protection law if they operate on the European market.”

“This means that U.S. companies, even if they do no business in Europe, should be prepared to meet or exceed EU regulation for the purposes of business operations. We believe that federal U.S. regulation will strongly mimic the European rule set for the purposes of global legal harmonization,” says CSR Founder Ross Federgreen. “The CSR gap analytic will help identify and codify those areas that are deficient as well as proficient in terms of compliance and life cycle management of personal information.”

The data protection legislation, which passed the European Parliament by a vote of 621 to 10, means that U.S. companies, among other requirements, must be able to respond to inquiries of personal data, as well as modify and store data in a secure environment. Identifying vulnerabilities for remediation will be critical for U.S. companies to comply with these rules because the penalties for failure to comply with the European Union requirements, such as data breach reporting, include penalties up to 5% of annual gross revenue.

CSR helps firms fulfill another component of the EU Regulation with its patented CSR Breach Reporting ToolKit® system for the expeditious reporting of the loss, breach, compromise or exposure of data to relevant authorities. CSR’s award-winning solution aggregates organization and breach information, selects relevant reporting entities based on geography and types of breach data, and generates breach reports to appropriate authorities as required by a variety of international, federal and state laws and regulations, including laws in over 100 countries.

CSR’s breach reporting service solves the problem of how to file reports to authorities when timing is critical and the web of legislation and regulation that protect many types of personally identifiable (PII) and protected health information (PHI) is increasingly complex. Failure to report to any one authority in a timely fashion may result in costs, penalties and civil sanctions that continue to escalate.

Health care providers, financial institutions, payment processors, business records management, alarm, security industry and other value-add resellers, franchisors and other associations interested in offering any of the CSR ToolKits or CSR consulting services to their members can email [email protected] or call 1-866-462-7774 x157 for more information.

About CSR

CSR is the leading provider of data compliance solutions and expert business services that helps organizations turn compliance into revenue both domestically and around the globe. We enable compliance with Personally identifiable information (PII) requirements and Payment Card Industry (PCI) standards while facilitating best practices to reduce the business risk and financial liability associated with the acquisition, handling, storage, sharing and disposal of data. The company is a PCI Security Standards Council Participating Organization and is a member of Merchant Acquirers’ Committee (MAC), International Association of Privacy Professionals (IAPP), Electronic Transactions Association, European Privacy Association, Hospitality Financial and Technology Professionals (HTFP) Association, and National Indian Gaming Association (NIGA). Founded in 1999, CSR is a privately held corporation headquartered in Jensen Beach, Fla. For more information, please contact CSR at 866.462.7774 or visit

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.