Organizations that thought they (or their vendors) had everything in place to properly handle personal data and comply with the European Union’s GDPR regulations on data privacy may have to start over. The Court of Justice of the European Union recently invalidated the “Privacy Shield Framework” that many organizations relied upon to comply with the GDPR, which comes into play whenever an organization handles or transfers personal data from someone in the EU. As a result, organizations that previously relied on Privacy Shield Framework must find a new method for remaining in compliance, or risk fines or other penalties.