Elizabeth Denham - head of the ICO (responsible for overseeing the GDPR in the UK) - gave a speech last week to an audience made up primarily of public sector leaders.  It's well worth a read though - she reiterates the fact that her organisation is not looking to fine organisations without good reason - they realise that not everyone will be compliant on day 1.  So long as you are on the path to compliance then you are unlikely to receive huge fines for a breach - but they do want to see that you are trying!