The European Union’s General Data Protection Regulation is finally in full effect and your company should already be set up for compliance by now. As your company and employees continue to familiarize yourselves with the new rules the GDPR brought, you should have a data protection officer (DPO) in your company to help with any data-breach notifications, extraterritorial compliance, and risk management documentation, including a privacy impact assessment (PIA).

If you don’t have a data protection officer, it is essential that you take on the responsibility of ensuring that your company is GDPR compliant even if that means making changes to your technology, processes, and business rules. There are five core GDPR requirements you should be aware of to ensure your compliance with this new law. Do you know what they are?