The General Data Protection Regulation (GDPR) is a new European Union regulation to bring added protection to the personal data of citizens. Harmonizing existing data protection laws, it will place new obligations on bodies or companies holding and processing data. All organizations, whether private companies or government bodies, will be subject to the regulations, even if they are not established within the EU. Communications service providers and their networks handle large amounts of diverse data and face a variety of threats. They need to put in place robust solutions that will help them meet the new requirements and ensure they protect their customers.