Who it affects, why, and what defines personal data. The European General Data Protection Regulation will go into effect on May 25, 2018. The GDPR elevates the protection of personal data to a top legal compliance and strategic priority for companies around the world that work with the personal data of European residents. The GDPR defines personal data broadly and puts the individual at the centre of data protection. It gives every EU resident the right to know and decide how his or her personal data is being used, stored, protected, transferred and deleted. Individuals have the right to restrict further processing and to request that all their data be erased (the right to be forgotten). Why GDPR? GDPR compliance requires organizations to make a holistic review of their practices regarding the collection, use and protection of both physical and electronic data. As companies take measures to comply, they will likely experience several challenges along the way. Confronted with a deadline of May 25, 2018, some organizations are getting nervous about complying with the GDPR, especially considering that financial penalties for noncompliance range up to €20 million or 4 percent of annual global revenue, whichever is greater. Who does the GDPR affect? An organization is not exempt from GDPR requirements just because it’s not based in an EU country. This sweeping legislation applies globally for any organization that processes the personal data of individuals who live in the European Union. Personal data, according to the GDPR, is any data that allows for the identification of an individual, directly or indirectly. A variety of factors that can identify a person – IP address or location data, for example – are now covered as a way to ensure personal data protection. It’s a broad definition, and one that’s expected to expand over time. Top 3 benefits of the GDPR… #1 Improve data governance to drive business efficiency. Working toward GDPR compliance can improve data governance. In turn, better data governance will contribute to your organization’s efficiency. Complying with GDPR will improve Storage and IT capabilities, and also elevate your company image amongst your peers. #2 Gain a competitive advantage. The GDPR gives organizations the opportunity to reassess all the data governance policies they’re currently using. Not only for personal data, but for all data. Data – in constantly growing amounts – is one of the most important assets any business can have. With the correct policies in place, companies can not only comply, but also build a competitive advantage. Think about the possibilities of improving analytical processes, optimizing operational efficiency and reducing costs. #3 Achieve higher customer satisfaction The GDPR benefits not just organizations – customers can also reap the rewards of compliance efforts. New services and initiatives aimed at satisfying customers – with the right products or services at the right time – will also emerge. With a holistic view of customer data – and insight into whether and how a customer wants to receive messages and actions – organizations can improve the customer experience by engaging in more relevant interactions.