The European Union (EU) General Data Protection Regulation (GDPR) is the most significant development in data privacy in decades. Its aim is to protect EU citizens and residents from breaches of their personal data.
GDPR mandates a number of specific measures to protect EU data subjects and their personal data including requiring certain cyber security measures, prompt notification in the event of a breach, and mandatory encryption of the most sensitive categories of personal data. In large measure, achieving compliance comes down to good data security.
Vast amounts of information exist on what data needs to be protected, though there is relatively little public knowledge about how an company can deploy technologies and processes to secure this data.