It’s not too early to prepare for the EU’s General Data Protection Regulation (GDPR). Companies can start by updating their privacy statements. The goal: To “meet the GDPR’s “say what you do” requirements and in the process identify operational updates necessary to meet the GDPR’s “do what you say” demand,” Glory Francke writes.