I equate GDPR to the Health Insurance Portability and Accountability Act here in the United States. While a bit tedious at first, once it was implemented their are numerous protections for consumers as well as healthcare companies. Breaches of data are taken very seriously, and with cyber attacks growing each day we are becoming more and more focused on keeping an eye on any possible entry points of attack.