As the deadline for General Data Protection Regulation (GDPR) compliance draws near, US-based asset managers that fall within its scope are cautioned that the Friday date does not represent an endpoint. Efforts to comply with the GDPR will continue past that date, as businesses subject to its requirements grapple with its extensive obligations, and for which non-compliance could lead to steep regulatory fines. Doron Goldstein, an Intellectual Property partner and co-head of the firm's Privacy, Data and Cybersecurity practice, notes in an article on Ignites that for most companies, the biggest compliance challenge is oversight of third-party vendors. In general, the more vendors a manager works with, the more complicated GDPR compliance is, according to Doron. "It's a matter of functionally trying to mesh multiple [GDPR compliance] programs together. No two compliance programs are identical."
Read "GDPR Compliance Countdown: Shops ‘Just Not There' Yet" in its entirety.