The European Parliament voted in favour of the proposed new Data Protection Regulation by an overwhelming majority in March 2014. Safe to say, this will become law this year.
Everyone who holds data on European citizens is affected, even if you are not located in the EU.
Non compliance could cost dearly, with fines of up to 100 million euros.
You need to be able to show that personal data was encrypted, so that if data is lost, no one can can access it without the correct encryption keys.
The link below provides a great 60 second compliance check through Sophos. Best to do this now and be ahead of the game.
The Merlin Team