What businesses need to know and do to prepare


The EU General Data Protection Regulation (GDPR) will replace the current Data Protection Directive 95/46/EC ('Directive') and will be applicable from 25 May 2018 in all EU Member States without need for implementing national laws.

The effect of the GDPR will by no means be limited to European organisations. Given its wide geographical scope, the GDPR will impact many organisations outside of the EU to the extent they target EU data subjects. 

Businesses should already start adapting their data protection compliance programs, processes and infrastructure to prepare for the changes.

We've identified 13 areas of particular interest that organisations need to be aware of and address as a matter of priority.