With the GDPR’s effective date of May 25, 2018 approaching, most companies that will be affected by the E.U.’s General Data Protection Regulation have preparations well underway. However, the process is complex and companies often identify questions and concerns as they move toward implementation. In this guest article, Scott Pink, Hayley Ichilcik and Mallory Jensen, attorneys at O’Melveny & Myers, identify and respond to common key questions companies are raising and tackling during their GDPR preparations. See also “One Year Until GDPR Enforcement: Five Steps Companies Should Take Now” (May 31, 2017).