Back in 2016, the European Union passed a new regulation--General Data Protection Regulation (GDPR)--to safeguard the data of EU citizens. That regulation took effect on May 25 of this year and is relevant to companies that collect or process personal data of EU citizens, regardless of where they are located. GDPR treats data privacy as an individual right and requires companies to explain in clear and unambiguous language how the data will be used; get an individual's permission; and provide a procedure for individuals to check, correct, and delete their data. In addition, there are strict requirements if a breach occurs. Printing companies collecting the data of EU citizens through websites, or receiving it in client databases, will be affected. Since we've already received calls from member firms, we know GDPR is impacting printing companies. Now is the time to evaluate your physical and technical information security practices. There will be increasing pressure for printers to demonstrate their careful attention to data privacy and security. PIA partners with an information security firm to provide assistance when members need it.