General Data Protection Regulation (GDPR) is a legislation that went into effect in May 2018. It enhanced and unified data privacy laws in the European Union (EU). GDPR was put in place to protect european citizens and their private identifiable information (PII) and to ensure that businesses, government entities and other organizations collect PII in a responsible manner. It mandates that PII is maintained in a secure fashion. GDPR violations can incur penalties of up to 20 million Euros or 4% of annual global turnover.