István Lam of Tresorit talks with host Kim Carter about GDPR (the EU General Data Protection Regulation, which has been described as “the most important change in data privacy regulation in 20 years.”)  The discussion covers terminology, planning, implementation, users' rights regarding their personal data, managing personally identifiable information (PII) across an organization, and required documentation. István talks about establishing the intent of different types of PII; when data can be shared or sold, when PII can be stored; storage of backups, and the ability to reveal, modify, or remove all of a customer's PII.