On May 25, 2018, the European Union’s (EU’s) General Data Protection Regulation (GDPR) will go into effect, prompting many boards to strengthen their oversight of data privacy compliance.