Companies must get prepared for EU General Data Protection Regulation (GDPR) and fast, because the pitfalls are huge. Firms face fines of the greater of €20 million or up to four percent of global corporate turnover, and they are also expected to report data breaches within just 72 hours.