General Data Protection

The General Data Protection Regulation is to enforce digital privacy for consumers and to level the playing field, by providing consistent guidance across the EU for companies and regulators

Effective May 25, 2018, organizations employing or conducting business with European Union (EU) Citizens are required to comply with General Data Protection Regulation (GDPR) guidelines for processing and storing customer and employee data. A 12-step guide for complying to this EU-wide law prior to the May 25, 2018 launch date is available from the United Kingdom’s Information Commissioner’s Office (ICO).

Manually performing and maintaining Data Protection Impact Assessments (DPIA) is a labor-intensive, error-prone task. That’s why automation is critical to a company’s GDPR compliance efforts: it saves time and prevents costly errors by guaranteeing you always know where your data is, that it’s secured, and exactly who has inbound and outbound access.

gdpr

The Teradata solution, GDPR Assist, uses automation to detect where private data resides and how it’s used, then report the status of your GDPR-related data based on metadata. It also brings newfound speed and simplicity to time-sensitive remediation activities such as Subject Access Request (SAR) processing.

A Proven Approach

GDPR Assist is a software as a service (SAAS) solution to automatically inventory data, both structured and unstructured, across all platforms including Hadoop, Mainframe, Teradata, Oracle, ETL tools and analytical tools such as Business Objects, SAS, and big data web logs, emails, and call centre logs.

What We Do

STEP 1: UNCOVER EVIDENCE

GDPR Assist analyses the metadata "footprints" that your systems have written, then stores and publishes the evidence to identify:

    • Where, across platforms and tools, you hold private and sensitive data
    • How, across platforms and tools, you process data
    • who uses your data, when it’s used, and associated tools

This evidence is the basis of your DPIA. This step also identifies duplicate data across multiple datasets/platforms to help you simplify your GDPR process.

gdpr

STEP 2: REMEDIATION

Review the compiled data to determine how you can best address each illegal use case and whether to obtain consent, anonymize data, terminate the activity, or delete the data.

STEP 3: STEADY-STATE MONITORING

GDPR Assist refreshes the data evidence so you can provide progress reports to the regulator.

The evidence gathered can be used if you receive a GDPR SAR, or if you need to monitor who uses private data when new use cases occur. GDPR Assist includes the option of holding consent information as a central service.

 

Article

Information Age: A 3 step guide to GDPR

Customer Story

Barclays: Data Optimisation and Simplification