The GDPR is a legal framework that sets guidelines for collecting and processing personal data of EU citizens. By May 2018, any organization handling EU citizens' personal data must comply with GDPR requirements. The GDPR strengthens data protection for individuals and implements penalties for noncompliance. Crown Records Management can help organizations prepare for and comply with the GDPR through services like a data protection officer, data protection impact assessments, and a GDPR readiness assessment.