What is GDPR? is becoming the big question that Companies, State organisations and all those involved in business are asking as the first full week back at work in 2018 commences. In particular HR directors and Managers need to become aware of this term and ensure that all employees in their organisations are fully aware of their requirements regarding GDPR. GDPR makes it much less difficult for individuals to bring claims against Data Controllers if their data or privacy has been infringed. GDPR is the EU’s new General Data Protection Regulation which applies to all EU organisations, be they commercial,voluntary or a public Authority, that collect, store or process the personal data of EU individuals. Organisations based outside of the EU, that monitor or offer goods and services to European citizens will have to observe the new rules and adhere to the same level of protection of personal data. If an organisation is found to be in breach of the GDPR, they can be fined up to 20 million euro or up to 4% of their annual global turnover. GDPR takes effect and is enforceable across the European Union, or EU on the 25 May 2018. There will be no grace period for enforcement ,as the regulation was actually adopted in April 2016. In simple terms GDPR applies to both automated personal data and to manual filing systems containing personal data. However similar to the Data Protection Act under GDPR the definition of Personal data expands into sensitive personal data. The GDPR Principles set out the main responsibilities for organisations as follows, The GDPR requires that personal data be processed lawfully ,fairly and in a transparent manner in relation to individuals. Data must be collected and processed for specific, legitimate purposes only. Any collected data should be limited to what…