Organizations subject to the EU’s General Data Protection Regulation (GDPR) should do regular compliance audits.