Each organisation subject to GDPR has until 25th May 2018 to implement both internal and external infrastructures and processes to move to GDPR compliance. As expected, external infrastructures and processes are expected to revolve around interaction with EU residents.
The big blue chip companies will most likely have an IT Department and teams of developers who can create the supporting infrastructure, or they have the revenue to bring in a third party or completely outsource.
What about local councils, schools, or small organisations that have little or no IT support?
If they are wise then they should be planning now to outsource as much as possible. to companies that can provide components of this service.
For further reading click here