EU General Data Protection Regulation
The GDPR is here.
In December 2016, the EU Parliament and Council finally agreed upon the EU General Data Protection Regulation, first proposed in 2012, and as of May 25, 2018, it is in effect.
The GDPR offers a new framework for data protection with increased obligations for organizations, and its reach is far and wide. The GDPR is applicable to any organization — no matter where it resides — that intentionally offers goods or services to the European Union, or that monitors the behavior of individuals within the EU.
On this page, IAPP members will find relevant documents and expert analysis to help organizations determine if and how the GDPR will affect them.