The General Data Protection Regulation is now, effectively, law. Businesses have 730 days from official publication (expected to be in June) to comply. It would be a mistake to think that this is just a European issue: it will affect every business throughout the world that holds or uses European personal data.
“The European Commission welcomes the final adoption of the new EU data protection rules by the European Parliament, following the adoption by the Council last Friday,” announced the European Commission on April 14.