There’s no getting around it. Passed in May 2016, the European Union (EU) General Data Protection Regulation (GDPR) replaces the minimum standards of the Data Protection Directive, a 21-year-old system that allowed the 28 EU member states to set their own data privacy and security rules relating to the information of EU subjects. Under the earlier directive, the force and power of the laws varied across the continent. Not so starting May 25, 2018.
On that date, organizations will encounter new, uniform data protection requirements relating to the information of EU subjects—or potentially face hefty fines.