Data Protection Directive was set to guarantee the safety of personal data on digital and electronic devices. Two years ago, the GDPR (General Data Protection Regulation) was adopted. Beginning in May 2018, it will be enforced in all European Union companies and foreign companies processing data of EU residents. With bigger budgets, it is easier for an enterprise to work under the new regulation while a mid-market company doesnt always have the staff, the qualifications, the legal resources to move the entire company to a GDPR-approved method.”]
Source: https://www.csoonline.com/article/3269570/gdpr-one-size-does-not-fit-all.html