At this point, either your Law Firm or Corporate Counsel are at different stages of planning for GDPR (Directive 95/46/EC) readiness (effective May 2018). For most, this starts with a company wide internal assessment to identify the critical data each business unit holds, workflows, data retention policies, PIPEDA, and any applicable gaps for GDPR requirements.