The European Union's General Data Protection Regulation (GDPR) aims to confront concerns about data privacy, protection of individuals' fundamental rights, and the safety of data. Organizations handling EU citizen data must comply with GDPR requirements, which include explicit consent for data collection, a "right to be forgotten", easier access to individual data, and disclosure within 72 hours in case of a breach. The regulation seeks to provide clarity and consistency globally, introducing specific terminology for roles and responsibilities within organizations. Failure to comply may result in fines of up to 4% of global revenues or €20m, as well as suspension of further data processing activities.