(MENAFN - MENAFN Authors)
The Impact of GDPR on Investments in the MENA Region
When General Data Protection Regulation (GDPR) was introduced back in 2018, few businesses were fully prepared. However, those that were least prepared were businesses located outside of the EU.
Although GDPR relates to European businesses, it also applies to countries outside of the EU if they’re dealing with EU citizens. The Middle East has been particularly impacted by the change in privacy laws. So, how has GDPR impacted investments in the MENA region?
When might GDPR impact the MENA region?
GDPR largely relates to European businesses. However, there are circumstances where it might apply to the MENA region too. These circumstances include:
If a business is trading within the EU
If a business is tracking EU citizen data
Businesses which offer their products and services to EU nationals, regardless of where in the world they are based, will need to adhere to the GDPR laws. Similarly, businesses which are just using data to monitor EU citizens will also need to adhere to the regulations.
Security practioner, Samir Pawaskar from Qatar, claims that Middle Eastern businesses need to potentially re-engineer their information systems and processes in order to comply with these new laws. While Middle Eastern countries have their own data privacy laws, if they need to adhere to both local and GDPR regulations, it can pose numerous problems. That’s when an overhaul of information systems may be required.
How is it affecting investments in the region?
The MENA region has been a little more reluctant to invest in EU based exports. The fines for failing to adhere to GDPR have proven too much of a risk for many small to medium sized businesses. The costs of upgrading systems and making the required changes simply isn’t always seen as a worthwhile investment.
What can businesses do to comply?
Although the GDPR regulations are complex, there are ways MENA businesses can ensure they are adhering to the new guidelines. First and foremost, they’ll want to ensure they’re seeking the right advice. Experts from companies such as RSM, can help businesses understand the new regulations and the steps they need to take to comply.
All current privacy policies will need to be analysed and updated in accordance to the new regulations. Extra security will need to be installed to protect the data collected and monitored. Any security breaches will need to be reported within 72 hours, making it important for MENA businesses to be strict with their security protocols.
Overall, GDPR has caused a lot of issues, not just for European businesses, but for businesses around the world. The above is just some of the ways it has affected the MENA region. However, provided businesses follow the recommended guidelines, there’s no reason why they can’t continue to provide products and services to EU citizens.