The short and simple answer is yes.
First and foremost, the GDPR is a universal law for the European Union. This means that the GDPR covers not only all websites that operate within the EU, but also all websites that deal with EU users. Once enforcement begins in May 2018, all sites that refer to local sites outside the EU will also be affected.
In a PwC survey of American multinational organisations, 92 percent stated that compliance with the GDPR has top priority, and 71 percent had already started preparations (as of January 2017). These preparations include data protection guidelines, IT security and the discovery of all data held by companies.
As far as the UK in particular is concerned, it is still part of the EU at the time of enforcement of the GDPR. In addition, the UK government is preparing a new Data Protection Act that will meet the same requirements as the GDPR, so the same rules will still apply after the UK leaves the European Union in 2019.
In the US, data protection laws are more fragmented: they are a patchwork of laws that are either sector-specific, such as those relating to healthcare companies or financial institutions, or limited to certain states such as California. However, since the GDPR is the most thorough and far-reaching data protection regulation ever adopted, it is likely to serve as a global standard, or at least as a model, for future data protection regulations.
Therefore, in any case, it is important to take all measures to meet the requirements. The regulations may be an annoying obstacle for businesses here and now, but in the long run they will help restore trust and fairness between businesses and consumers in a data-driven world.