The General Data Protection Regulation (GDPR) is a set of rules created by the European Commission in an attempt to improve data protection for individuals within the European Union (EU). The EC is looking to get companies compliant with the GDPR by 2018. The GDPR imposes significantly higher privacy and data protection standards than those already in place in the EU.
The GDPR also addresses export of personal data outside the EU, which in turn affects US companies in the wake of the breakdown of Safe Harbor.
The complex approval process for the regulation
should not lead US companies to hold out hope that these rules will not
come to pass. The time for companies to begin preparing is now. This
article has a link to the latest GDPR draft and a description of its implications.