GDPR covers the collection, protection and retention of personal data, as well
as specifying procedures and timeframes for breach notifications and remedies.
While much of the focus on the GDPR has been on and by firms with a presence in
Europe, organizations based OUTSIDE of the EU are in theory governed by the GDPR.
Developing your GDPR Readiness approach is often as simple as applying a common sense risk assessment.