The European Parliament has voted into law the new General Data Protection Regulation (GDPR) that will replace the current EU Data Protection Directive as of spring/summer 2018. As reported here, the draft text of the GDPR was published the end of 2015, marking the biggest overhaul of privacy laws in the EU since 1995.

The final text of the regulation was released for approval on 6 April 2016 along with the text of its sister law, the EU Policing and Criminal Justice Data Protection Directive, which has also been approved by the European Parliament. The GDPR will now take effect twenty days from its post-vote publication in the Official Journal, triggering a two year transition period before its full entry into force.

With the transition period approaching imminently, it is important for organisations to begin preparing for what will be the biggest change to data protection laws in over 20 years.