The General Data Protection Regulation (GDPR) is the biggest shake up in data protection that has ever occurred and will be replacing all the national data protection laws all over Europe. The regulation was published in the Official Journal of the European Union on 4th May 2016 and will be applicable in its entirety as from the 25th May 2018.
From this date, any organisation established within the European Union that is holding, storing or using personal data will be required to comply with the new rules. The GDPR will have a significant impact upon IT. Thus, data controllers and data processors will need to think ahead about it. Below is a description of a few of the key changes which were made. However, this is not an exhaustive list.