GDPR - General Data Protection Regulation

GDPR sets strict rules regarding the collection and processing for Personally Identifiable Information for citizens of the EU.


It applies to all organizations holding and processing EU resident's personal data, regardless of geographic location. If any organization, worldwide offers goods or services to, or monitors the behavior of EU residents, it must meet GDPR compliance requirements. GDPR effects departments across the enterprise – legal, IT and security – leading to the need to work cross-functionally across the organization. It includes increased fines, breach notifications, opt-in consent and responsibility for data transfer out of the EU. It permanently changed the way customer data is collected, stored and used.  The fines for the most serious violations are very high and a percentage of total global revenue.


Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.