The goal of General Data Processing Regulation is to improve the liabilities of the companies and to impose penalties in case of a breach. It aims as follows,

1. Strengthen the rights of individuals as well as freedoms to protect their personal data.
2. Consolidate the application of rules throughout the European Union that inserts shielding of personal data.

According to the GDPR

• The key notion of both simple and sensitive personal data has been specified.
• GDPR attaches explanations for instance, "pseudonymization", "profile training", and "limitation of processing".
• The outline of the tasks of"controller" is set down and decides the aim and methods of the processing of personal data. The controller must be able to demonstrate that he is applying the GDPR at any demanded time.
• The definition of "Data Protection Officer" is established. He notifies and advises the controller and processor as well as the staff that prepares personal data, about their responsibilities derived from GDPR regarding data protection.
• Data transgressions must be notified to the supervisory authority within 72 hours to take stringent and swift action.
• Doubled risk management requirements are produced, including Data Privacy Impact Analysis (DPIA)