This helps security and privacy professionals understand five core GDPR requirements and two related changes they need to start tackling now.