As an IT auditor, you discover that the organization's data protection practices are not compliant with the recently enacted data privacy laws in the jurisdiction. What should be your immediate course of action to address potential legal repercussions?