General Data Protection Regulation (GDPR): Devising an Action Plan for the Road to Compliance