After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It will enter in force 20 days after its publication in the EU Official Journal and will be directly application in all members states two years after this date. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance will face heavy fines. This legislation replaced the Data Protection Act in the UK. All businesses and organisations that hold data need to comply with the new requirements.
The EU have set up a dedicated website to assist you in making sure your organisation complies. EUGDPR,org
You can also find guidance on the UK’s Information Commissioner’s Officers website. ico.