According to ESG research, 11 percent of organizations say they are completely prepared for the GDPR deadline on May 25. But organizations may still be challenged by Article 17 of GDPR, the right to erasure. Article 17 states that EU citizens have right to obtain from the controller (i.e. the organization that collects, processes, and analyzes the data) the erasure of personal data concerning him or her without undue delay. If your organization doesnt have automated and auditable processes to find, delete, and verify data erasure at scale, the answer is definitely no”]
Source: https://www.csoonline.com/article/3263768/gdpr-look-out-for-right-to-be-forgotten-storms-ahead.html