GDPR is real, it’s global, and its preparedness is now. The European Union’s General Data Protection Regulation (GDPR) takes effect May 25, 2018 and it represents the biggest change to EU data protection and privacy legislation in the past three decades. The GDPR will replace the Data Protection Directive 95/46/EC. The goal of the GDPR “is … to standardize data privacy laws across the EU with the main objective to ‘protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy.” Organizations will be held to a much higher standard regarding how the personal data of and for EU citizens is managed. This primer will serve as an overview of the regulation, and what organizations should expect as May 25 comes ever closer.