A uniform law across the EU and beyond, with new requirements for documenting IT procedures, performing risk assessments, rules on breach notifications, and tighter data minimization – establishing a single law to enforce European data protection rules and regulation and the rights to personal data protection. The GDPR applies to EU based companies, and companies that collect data of EU citizens, regardless of their physical presence in the country. The GDPR means that it’s more critical than ever to know your data. Where is your sensitive data stored? Who is accessing it? Who should be accessing it?