The EU 2016/679 is an 88 page document, but the following is likely the most attention-getting statement:
|Infringements of the following provisions shall, in accordance with paragraph 2, be subject to administrative fines up to 20 000 000 EUR, or in the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher:|
The subsequent points basically summarize the regulation. In short, organizations must comply or the consequences can be severe. Fortunately, the rules are generally reasonable and compliance should not be very difficult.