After four years of preparation and debate the General Data Protection Regulation (GDPR) was approved by the European Union Parliament on 14 April 2016. The enforcement date is 25 May 2018, at which time those organizations in non-compliance may face heavy fines.
The EU GDPR replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to empower all EU citizens and protect their data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found at the project website.