The General Data Protection Regulation (GDPR) will be replacing Data Protection Directive 95/46/ec in Spring 2018, meaning information security teams need to start preparing now to ensure that their organizations remain compliant when the new rules go into effect, or risk facing fines and stiff penalties.