The Conference Board uses cookies to improve our website, enhance your experience, and deliver relevant messages and offers about our products. Detailed information on the use of cookies on this site is provided in our cookie policy. For more information on how The Conference Board collects and uses personal data, please visit our privacy policy. By continuing to use this Site or by clicking "OK", you consent to the use of cookies. 


The Long Arm of the Law: GDPR's Impact on HR Data

The European Union’s General Data Protection Regulation (GDPR), which went into effect on May 25, 2018, guarantees the right of individuals to be in charge of their own data and how it is used. It holds those who collect and use personal data—including employers—accountable for abiding by specific principles and practices. Companies must document their ongoing efforts to comply with GDPR and can be fined up to €20 million ($US 23.9 million) or 4 percent of their annual revenues, whichever is greater, for failing to meet the new standards. GDPR applies not only to EU companies but to any company outside the EU that stores or processes any personal data about individuals in the EU.

This publication is exclusive to members of The Conference Board.
For information about membership click here.



Mary B. Young, D.B.A.

Principal Researcher, Human Capital
The Conference Board


Marion Devine

Senior Human Capital Researcher, Europe
The Conference Board


Amy Ye

Researcher, Human Capital
The Conference Board

Support Our Work

Support our nonpartisan, nonprofit research and insights which help leaders address societal challenges.