25th May 2018. The day GDPR becomes a reality. And with it comes a fundamental change to the way that we manage and distribute data. As everyone knows by now, it is not a 'nice to take notice of' initiative; it is a 'must comply with' piece of legislation. But here's the challenge; because it is such a significant shift in the way that any business that has data at its heart operates (and which business today doesn't rely on data for all it does?), the challenge to comply is seemingly formidable. As a result, many businesses appear stuck in ‘analysis paralysis’, incapable of implementing simple strategies to meet the GDPR challenge. How can you break through that paralysis? How can you get started on the path to compliance? In short, where do you start?
Let’s, for a second, remind ourselves of the driver behind the introduction of GDPR in the first place. It’s really, at the most foundational level, about stopping the misuse of personal data by organisations who may be tempted to use that data to engage in intrusive, unwanted marketing activities. We have all suffered such targeting and we all know how annoying it is. So, one of the key tenets of GDPR will be that it requires organisations to prove that any data they are holding on anyone is necessary to the running of their business, rather than being held for the kind of marketing activities I’ve just outlined. Within every business, there are obviously many different and disparate data streams making it tough to create an easily auditable view of the data and, therefore in turn, prove why it is essential to the running of the business.
To give you an example, let’s imagine you are a retailer and it is found that, at the point of purchase, the till is scanning the colour of peoples’ eyes as they pay. You’d have to explain why you were doing that. Perhaps you are an optician and have a legitimate reason for capturing this data, as it helps you provide better aftercare to your customers. Or perhaps you were planning on earning some money on the side by selling that data to third-party companies (eg: people with green eyes are most likely to buy chocolate). But even if your reasons are entirely honourable, as per the optician example, you still need to be able to explain your data processes downstream from the till to ensure that, if you were checked, you did indeed comply with GDPR.
And that, my friends, is one time-consuming task.
Moving forwards, data will have to be both identifiable and auditable, which sounds daunting, but there are products out there that can help and automation software is a good place to begin your search. On a proactive basis, data infrastructure automation software can go off and discover data areas and tag areas of concern. It can be used to map out all data systems within the organisations, providing a really effective means of auditing and cataloguing data. And on a reactive basis, if ever you are asked to prove anything about a particular piece of data, or to pull multiple trails together quickly for an export request, again, data infrastructure automation software can supply a full lineage of that data trail. With the ability to define an extract that pulls together all data related to a particular person from all areas across the business in less than 30 days, there is no need for the user to build these extractors in advance, and they can be re-used the next time someone asks.
Even better, when capabilities like these are combined, data infrastructure automation software can retrospectively go out and catalog all of your data, and easily enable complex data extraction. Building new analytics capability within your organisation with automation software – such as WhereScape – can help you rapidly ensure your compliance with GDPR requirements.
Complying with GDPR represents significant challenges to all businesses. But the first, and most important step is to quickly get to a point where you can both identify and audit your data. From here, the roadmap to GDPR compliance will suddenly look a lot clearer.
7 november (online seminar op 1 middag)Praktische tutorial met Alec Sharp Alec Sharp illustreert de vele manieren waarop conceptmodellen (conceptuele datamodellen) procesverandering en business analyse ondersteunen. En hij behandelt wat elke data-pr...
11 t/m 13 november 2024Praktische driedaagse workshop met internationaal gerenommeerde trainer Lawrence Corr over het modelleren Datawarehouse / BI systemen op basis van dimensioneel modelleren. De workshop wordt ondersteund met vele oefeningen en pr...
18 t/m 20 november 2024Praktische workshop met internationaal gerenommeerde spreker Alec Sharp over het modelleren met Entity-Relationship vanuit business perspectief. De workshop wordt ondersteund met praktijkvoorbeelden en duidelijke, herbruikbare ...
26 en 27 november 2024 Organisaties hebben behoefte aan data science, selfservice BI, embedded BI, edge analytics en klantgedreven BI. Vaak is het dan ook tijd voor een nieuwe, toekomstbestendige data-architectuur. Dit tweedaagse seminar geeft antwoo...
De DAMA DMBoK2 beschrijft 11 disciplines van Data Management, waarbij Data Governance centraal staat. De Certified Data Management Professional (CDMP) certificatie biedt een traject voor het inleidende niveau (Associate) tot en met hogere niveaus van...
3 april 2025 (halve dag)Praktische workshop met Alec Sharp [Halve dag] Deze workshop door Alec Sharp introduceert conceptmodellering vanuit een non-technisch perspectief. Alec geeft tips en richtlijnen voor de analist, en verkent datamodellering op c...
10, 11 en 14 april 2025Praktische driedaagse workshop met internationaal gerenommeerde spreker Alec Sharp over herkennen, beschrijven en ontwerpen van business processen. De workshop wordt ondersteund met praktijkvoorbeelden en duidelijke, herbruikba...
15 april 2025 Praktische workshop Datavisualisatie - Dashboards en Data Storytelling. Hoe gaat u van data naar inzicht? En hoe gaat u om met grote hoeveelheden data, de noodzaak van storytelling en data science? Lex Pierik behandelt de stromingen in ...
Deel dit bericht