The EU General Data Protection Regulation (GDPR) will be enforced from 25 May 2018.
It affects all organisations that hold personal data on EU citizens - including the UK.
It is a set of rules that companies must follow in order to protect the data they store.
Implementing a data protection strategy that includes encryption and anti-malware security is vital.
Potential fines for not being GDPR compliant range up to £20m or 4% of worldwide, annual turnover – whichever is higher.