Getting ready to deal with Data Subject Access Requests

So the General Data Protection Regulation (GDPR) is right around the corner and while the increased fines are getting the majority of the attention (up to €20 million euro or 4% annual worldwide turnover) something that has escaped a lot of people’s attention is the potential business impact an influx of Data Subject Access Requests (DSARs) will have on their organization.

Yes, it's true that DSARs are not a "new" right that has been given to EU citizens and as such, why should organizations really care? What is likely to change from the current types of requests that are being submitted (or not, as the case might be)?