HR Dive reports that cybersecurity, data privacy, and AI could leave employers legally exposed.
The Story
This exposure stems from the complex interplay of new technologies and existing regulatory frameworks.
Why It Matters
This isn't just an HR problem; it's a legal one for any firm, including yours. When you adopt AI, especially with client data, you face new risks under GDPR and the upcoming EU AI Act. Sending client details to US-based AI tools without due diligence is a clear path to non-compliance. What I've seen is firms underestimating how quickly AI use can create new liabilities if not managed properly.
What To Do About It
First, audit your firm's current AI use, even incidental use by associates. Identify any tools processing client data, especially those hosted outside the EU. Then, check if your Microsoft 365 Copilot settings are configured for data sovereignty; most firms already have it and aren't using it correctly.
