In fact, they already exist.
The first client has already turned to our law firm on 25.05.2018, ie on the day the DSGVO came into force. He had a warning from a (supposed) patient.
The client's website does not yet have an SSL certificate. This is gem. § 9 BDSG duty when operating a website with contact form.
Was this warning to be taken seriously?
Yes, definitely! Although we were able to find errors within the warning, this does not necessarily exclude compensation under Art. 82 DSGVO.
How should I behave if I am warned?
In any case, you should consult a trusted lawyer who is familiar with Internet law, competition law and trademark law. As it is initially unclear which of these areas of law is actually affected, a specialized law firm is recommended.