As noted in Phillips Lytle’s recent Data Security & Privacy Client Alert, the new General Data Protection Regulation (“GDPR”) goes into effect on May 25, 2018. GDPR is a regulation that imposes requirements on businesses to protect the personal data of European citizens. The regulation employs a very broad definition of what constitutes personal identification information and contains directives for handling data, as well as reporting breaches. For additional information regarding the obligations under the new regulation, please refer to the full GDPR Client Alert.