Complying with the General Data Protection Regulation (GDPR) means changing how you do things – from embedding corporate level policies to everyday staff procedures.