US universities that monitor the behavior of or offer goods and services to EU residents must comply with the EU GDPR (General Data Protection Regulation).
According to Corporate Counsel many US schools don’t understand the impact of the GDPR. Julia Funaki, associate director of international education services at the American Association of Collegiate Registrars and Admissions Officers (AACRAO), said that “awareness of the GDPR at US institutions is growing, but progress appears to be slow.” AACRAO’s May 2018 report, ‘Implications of the General Data Protection Regulation – An Interassociation Guide,’ outlines the responsibilities of schools.
How does the GPDR affect North American universities?
Since the GDPR came into effect, US universities are trying to understand how to comply with the Regulation in terms of the data they hold on students in their overseas programs, students from the EU enrolled on their US and EU campuses, and employees with EU residency. Potential students often supply personal data to the school, which can include potential students based in the EU. US universities marketing to EU residents need to comply with the Regulation when collecting data to market to potential students from the EU.
Aiding universities with compliance
If you would like to know more about GDPR compliance, register for our webinar, ‘Why should North American organizations comply with the GDPR?’ Tuesday, July 24, 2018, 1:00pm-2:00 pm, EDT. The webinar will cover the GDPR’s requirements and how this relates to U.S. frameworks and laws.
You might also be interested in our GDPR compliance checklist: the key steps to GDPR compliance, which highlights the steps you need to take to demonstrate compliance with the GDPR.