It does two things. First, it puts more power into the hands of the consumers. If you’re an individual and your information is being collected by a company, you can request to have access to your information, you can correct your information and you can ask a company to delete information they have about you. It gives you more power than what you have today under the law.

From day one, organizations have to think about privacy and think about how they’re giving rights to the consumers, which has never been done before in the law.
Nick Merker
partner, Ice Miller
The second thing that it does is it requires companies to think about privacy throughout the entire lifecycle of new projects and new products they are developing. From day one, organizations have to think about privacy and think about how they’re giving rights to the consumers, which has never been done before in the law.

How will the GDPR rules influence operations in U.S. businesses?

Merker: In the U.S. today, there are many companies that are somewhat ignoring compliance with privacy laws, whether it be the laws in the EU or U.S. The new GDPR rules will change that. With the threat of massive fines and the requirements that you have to have, many companies are now coming into the fray and doing things appropriately for privacy that weren’t [done] before.

Sourced through Scoop.it from: searchcompliance.techtarget.com