The European Union’s General Data Protection Regulation, GDPR is effective since May 25, 2018. A lot has been done to make IT companies compliant with GDPR, however, it is just the beginning. Although it applies only to European citizens GDPR rules imposed a new reality in the world and all the efforts made to achieve compliance to this regulation can be lost if organizational practices and infrastructure are not maintained.