What is the GDPR?

Europe’s new data privacy and security law includes hundreds of pages’ worth of new requirements for organizations around the world. 

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). Since the Regulation applies regardless of where websites are based, it must be heeded by all sites that attract European visitors, even if they don't specifically market goods or services to EU residents.

GDPR is fully supported in ISOManager and mapped (where it's possible) to ISO 27001:2013