How do you ensure compliance and data privacy regulations are factored into your initial business requirements?