The General Data Protection Regulation (GDPR) is coming into force in May 2018. Building on the long standing 1995 EU Data Protection Directive, it establishes one set of data protection law across all 27 European states and the UK. GDPR represents a profound reform of data protection law in Europe aiming to harmonise data protection regulations across the EU, including the UK.

Data protection, ensuring that sensitive personal data is treated properly in complex IT systems, has been a priority for CGI for many years. It is a business wide issue that requires an understanding of what data is held, why it is held, how it is processed and how it is protected. GDPR is the latest set of legislation requiring organisations that acquire, process, store or communicate sensitive personal data to do so with greater care. Ensuring that the security of the systems involved is appropriate is only one of the tasks that GDPR will demand of a modern digital organisation. 

CGI has produced a range of information assets to help organisations with GDPR preparedness. If you’d like to discuss these assets, or would like help with, or an independent review of your GDPR plans, please get in touch at

How CGI can help