GDPR should be a default feature, added in every single application that handles user data, especially PII (Personally Identifiable Information).
Most organizations consider GDPR as luxury and have an impression that it needs special tools and experts to implement it.
Of course, knowledge of the entire GDPR specification is required, but once we are through the rules, we can see that the frameworks and design patterns we already use in our everyday development can very well be used to implement the GDPR rules.