As PR professionals, one of our main responsibilities and day-to-day tasks is keeping up with the news cycle and advising clients on topics they should be discussing and sharing a point of view on. GDPR is a topic that is prevalent in the technology media lately, and your clients in the tech industry most likely have—or should have—a POV on it.

But let’s start at the beginning.

What is GDPR?

GDPR stands for General Data Protection Regulation and is a regulation the European Union (EU) has put in place to protect their citizens’ data, such as basic identity information and web, health and political data.

Why is it important for companies in the U.S.?

The regulation requires any company which collects data from European Union citizens to comply with the rules around protecting customer data. Because the majority of U.S. companies today have customers based in the EU, this significantly impacts their security teams and protocols.

Most companies are well underway to ensuring GDPR compliance, but it can be a long and complicated process, involving hiring and restricting their IT infrastructure.

When does it go into effect?

By May 25, all companies with EU citizen data are required to be compliant or risk steep penalties.

How can I insert my clients into the conversation?

The first step is to consider your clients’ technology and determine their unique angle on the news. For example, if they’re an open source company, what does it mean for their community? If their focus is recruitment and hiring, how does the DPO (Data Privacy Officer) position impact hiring strategies?

Third-party research is another way into the conversation. Conduct a survey of senior security professionals to see how GDPR is impacting their internal teams, or spend some time considering what the big story will be after the regulation is in place and preemptively asking survey questions that will fit into that narrative.

Is your client attending the RSA Conference in April? It will be largely focused on GDPR this year; make sure they are media-ready with an interesting take on the topic to share with reporters, analysts and other conference-goers.

Last but not least: be proactive in speaking with security-focused journalists. Reach out to ask if there’s an angle to the story that they’re interested in but are not being pitched.

Still need more details?

Still find yourself lost in the details of GDPR? You’re not alone. Luckily, our friends at CSO Magazine put together a comprehensive guide to the topic, including a video and Q&A.

If you’re still trying to figure out what your clients have to add to the conversation, it’s a great place to start.