Optiv Cybersecurity Dictionary

What is GDPR - General Data Protection Regulation?

General Data Protection Regulation (GDPR) sets strict rules regarding the collection and processing of personally identifiable information for citizens of the EU.


It applies to all organizations holding and processing EU residents' personal data, regardless of geographic location. If any organization worldwide offers goods or services to EU residents, or monitors their behavior, it must meet GDPR compliance requirements. GDPR affects departments across an enterprise – legal, IT and security – leading to a need for cross-functionally in the organization. It includes increased fines, breach notifications, opt-in consent and responsibility for data transfer out of the EU. It permanently changed the way customer data is collected, stored and used.  


The fines for the most serious violations are very high and a percentage of total global revenue.


Contact Us