A discussion with a peer pointed in the direction to think about how the implementation of GDPR would impact the educational institutions of the USA. The new regulation is much needed in the age of digitization as the data of students, employees, etc. is both private and extremely sensitive. The new law would be applicable to all the institutions that process the data of EU members/residents. Similarly, it would apply to the higher education in the USA.
“Failure to comply could lead to fines of up to 4 percent of global turnover or €20 Million, whichever is higher. Additionally, the law requires that data breaches be reported to European national state authorities within 72 hours, among other things (AACRAO, 2017)”.
Europe has the stations of several US institutions and they all will need to go through the new law cautiously as they would be communicating with the student, prospective students, faculty members who are living in the EU. Similarly, any US institution that admits an EU citizen would require developing data in compliance to the GDPR. GDPR has a much wider scope of data protection if compared to the federal laws for data protection in the USA. Apart from guarding the personal details of the students like names, address, etc., the educational institutions would be bound to secure their IP addresses too. GDPR also requires the protection of any distinct ID granted to the students, their electronic devices during the admission process (AACRAO, 2017).
“Barmak Nassirian, director of federal relations at the American Association of State Colleges and Universities, advised institutions with significant engagement with the E.U. to take “immediate steps to engage in good-faith compliance. These requirements, while not conceptually dissimilar to the existing array of U.S. privacy and data-safeguarding statutes and regulations, are decidedly both more rigorous and more high stakes” (McKenzie, 2017).
Do you think USA is preparing well to lower the impact of GDPR on its institutions?
References:
AACRAO (2017) New EU Data Protection Law to Impact US Institutions. Available at: http://www.aacrao.org/resources/resources-detail-view/new-eu-data-protection-law-to-impact-us-institutions (Accessed: 29 January 2018)
McKenzie, L. (2017) E.U. Data-Protection Law Looms. Available at: https://www.insidehighered.com/news/2017/11/06/eu-data-protection-law-looms (Accessed: 29 January 2018)
