Improve collaboration and confidence with Consumer-driven contracts
Data Quality-Driven GDPR: Compliance with Confidence
-
Upload
syncsort -
Category
Technology
-
view
185 -
download
1
Transcript of Data Quality-Driven GDPR: Compliance with Confidence
Welcome!
Michael Urbonas Director of Product Marketing, Data QualitySyncsort
15 years of software experience including…
– BI/DW & data visualization
– Data management & ETL
– Text analytics
– Enterprise search
– Enterprise content management
Today’s agenda: Information you need about GDPR
What GDPR is and what it changes
GDPR readiness: What companies must be prepared for
Why Data Quality is critical for GDPR compliance
How Data Quality simultaneously benefits GDPR compliance and business growth
How Data Quality works with Data Governance for GDPR compliance
What the General Data Protection Regulation (GDPR) is
New customer rights and controls over their personal data
New business responsibilities and restrictions regarding customers’ personal data
Applies to all companies that hold and process data on “data subjects” (all persons who residein EU; also UK)
Fines up to 4% of annual global turnover or €20 million for breaching GDPR
What the General Data Protection Regulation (GDPR) is
Had GDPR been in place for the past five years, FTSE 100 companies with significant customer interactions that incurred a known data breach during that time could have
owed up to £25 billion in fines to EU regulators, or £5 billion annually.
Source: Oliver Wyman, Global Management Consultancy (May 2017)
GDPR Readiness:Companies must prepare for new customer demands
Customers will assert their new rights:What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated marketing based on customer profile
Customers will assert their new rights:What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated marketing based on customer profile
GDPR Readiness:Companies must prepare for new customer demands
To comply, companies must already know:What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data buried within long text fields, incorrect fields; etc.
GDPR Readiness:Companies must prepare for new customer demands
Customers will assert their new rights:What do you know about me?
– Right to access personal data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated marketing based on customer profile
To comply, companies must already know:What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
GDPR Readiness: Companies must prepare for new customer demands
Customers will assert their new rights:What do you know about me?
– Right to access personal data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated marketing based on customer profile
To comply, companies must already know:What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
How ARE we processing customer data?
– Who is using it? For what purpose(s)?
– Where did it come from? Where does it go?
– Are we processing personal data as intended –lawfully, securely, completely…?
GDPR Readiness:Companies must prepare for new customer demands
Regulators will have new expectations:Document proof your company’s personal data processing adheres to GDPR principles (art. 5):
– Processed lawfully, transparently
– Collected for specific purposes
– Limited to data relevant for specific purposes
– Kept accurate and current
– Processed securely and protected
Provide documentation details as noted in multiple GDPR articles, including:
– Record Processing Activities (art. 30)
– Security of Processing (art. 32)
– Data Protection Impact Assessment (art. 35)
GDPR Readiness:Companies must prepare for new regulatory demands
Regulators will have new expectations:Document proof your company’s personal data processing adheres to GDPR principles (art. 5):
– Processed lawfully, transparently
– Collected for specific purposes
– Limited to data relevant for specific purposes
– Kept accurate and current
– Processed securely and protected
Provide documentation details as noted in multiple GDPR articles, including:
– Record Processing Activities (art. 30)
– Security of Processing (art. 32)
– Data Protection Impact Assessment (art. 35)
To comply, companies must apply their answers to previously-noted questions…
What DO we know about a given customer?
Where IS our customer data?
Is our customer contact information current?
How ARE we processing customer data?
… in the form of new business processes providing evidence of GDPR compliance.
Why Data Quality is critical for GDPR compliance
Acquiring this knowledge requires new discovery
processes.
Customers will assert their new rights. To comply, companies must already know:
What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will likely span many sources/silos
– Often hidden; not identified by metadata; e.g., data buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
How ARE we processing customer data?
– Who is using it? For what purpose(s)?
– Where did it come from? Where does it go?
– Are we processing personal data as intended –lawfully, securely, completely…?
Why Data Quality is critical for GDPR compliance
Regulators will have new expectations. To comply, companies must apply their answers to previously-noted questions…
What DO we know about a given customer?
Where IS our customer data?
Is our customer contact information current?
How ARE we processing customer data?
… in the form of new business processes providing evidence of GDPR compliance.
Applying knowledge gained from new discovery processes
requires new operational processes.
Why Data Quality is critical for GDPR compliance
Lack of Standardization risks
exposure of Personal Data
Reference/Pointer
to other personal
data usage
Personal Data Fields
How Data Quality for GDPR compliance will also grow your business
15Syncsort Confidential and Proprietary - do not copy or distribute
High quality data means that you have the right information at the right time and place for the right people to run your organization. Only an organization that has high
quality data will have the ability to comply with the GDPR.
Danette McGilvray,Data quality expert and author
The Data Quality Process
Data Profiling
Data Quality ProcessingData Discovery
Business Rules & Data Quality Assessment
Data Validation, Standardization
& Linking
Data Verification & Enrichment
The Data Quality Process
Data Profiling
Data Quality ProcessingData Discovery
Business Rules & Data Quality Assessment
Data Validation, Standardization
& Linking
Data Verification & Enrichment
and more…
Operational Integrations
Data Governance
Analytics & Reporting
Data Discovery
Key built-in functionality:
Automated out of the box data profiling capability:
– Discover data structure; generate data statistics
– Analyze data content; identify personal data and data relationships
– Identify data dependencies, keys and joins
REST API for easy integration with other data tools
Data Discovery
Key built-in functionality:
Automated out of the box data profiling capability:
– Discover data structure; generate data statistics
– Analyze data content; identify personal data and data relationships
– Identify data dependencies, keys and joins
REST API for easy integration with other data tools
Key self-serve functionality for business users:
Create and validate business rules
Quantify and prioritize data quality issues
Report on data quality metrics for accuracy, consistency and completeness
Monitor quality thresholds and trends over time
Data Quality Processing
Rich functionality to cleanse data while improving contextual understanding:
Parse data values from unstructured fields into useful, usable new attributes
Verify and enrich global postal addresses
Standardize values for matching and linking
Enrich data with external, third-party sources to create comprehensive, unified records
Link records spanning multiple sources of personal data related to same customer
Bring Data Quality Processing into the Data Lake
“Design once, deploy anywhere”
– Visually design data quality jobs once and run anywhere (MapReduce, Spark, Linux, Unix, Windows; on premise or in the cloud)
– Use-case templates to fast-track development
– Test & debug locally in Windows/Linux; deploy to Big Data
– Intelligent Execution dynamically optimizes data processing at run-time based on the chosen compute framework; no changes or tuning required
Single GUI
Execute Anywhere
Data Quality in Action for GDPR: Example
Data Profiling process reveals text fields with
unexpected personal data
Data Discovery
Data Quality in Action for GDPR: Example
Data Profiling process reveals text fields with
unexpected personal data
Data Discovery
Business rules identify original source of
unexpected personal data
Data Quality in Action for GDPR: Example
Data Profiling process reveals text fields with
unexpected personal data
Data Quality ProcessingData Discovery
Business rules identify original source of
unexpected personal data
New data standardization routines
are added, ensuring personal data is
removed
Data Quality in Action for GDPR: Example
Data Profiling process reveals text fields with
unexpected personal data
Data Quality ProcessingData Discovery
Business rules identify original source of
unexpected personal data
New data standardization routines
are added, ensuring personal data is
removed
Data validation routines measure and monitor for
recurrences
Data Quality in Action for GDPR: Example
Data Profiling process reveals text fields with
unexpected personal data
Data Quality ProcessingData Discovery
Business rules identify original source of
unexpected personal data
New data standardization routines
are added, ensuring personal data is
removed
Data validation routines measure and monitor for
recurrences
Analytics and reporting, including GDPR policy reports and dashboards
Integrations
Discovery API integration with Data Governance app triggers issue mgmtand controls
How Data Quality for GDPR compliance will also grow your business
28Syncsort Confidential and Proprietary - do not copy or distribute
I want organisations to think to themselves: ‘We base our online user experience around what consumers want. We shape our products and services around what consumers want.
We need to shape our data protection approach around what consumers expect’.
Elizabeth Denham, UK Information Commissioner,speaking on GDPR and accountability (Jan. 2017)
How Data Quality for GDPR compliance will also grow your business
360 Degree View of the Customer
Essential for successful customer engagement and marketing campaigns that boost revenue and reduce customer churn
Also critical for GDPR compliance
Both are enabled by enterprise data quality technology
The Data Quality Process
Data Profiling
Data Quality ProcessingData Discovery
Business Rules & Data Quality Assessment
Data Validation, Standardization
& Linking
Data Verification & Enrichment
Operational Integrations
Data Governance
Analytics & Reporting
The Data Quality Process
Data Profiling
Data Quality ProcessingData Discovery
Business Rules & Data Quality Assessment
Data Validation, Standardization
& Linking
Data Verification & Enrichment
Customer 360
Operational Integrations
Data Governance
Analytics & Reporting
Data Quality and Data Governance for GDPR compliance
Data Governance is critical to ensuring we are processing customer
data consistently and in full regulatory compliance.
How ARE we processing customer data?
– Who is using it? For what purpose(s)?
– Where did it come from? Where does it go?
– Are we processing personal data as intended –lawfully, securely, completely…?
Data Quality and Data Governance for GDPR compliance
Highly complimentary tools
Data Governance enables consistency and compliance as to how data is collected, stored, accessed, used and processed
Data Quality is a key enabler of data governance, including:
– Discovering sources of, and relationships between, personal data based on actual content
– Enriches data governance system with deeper content and insight
– Applying business rules to assess data quality throughout data transformation processes
• Helps verify how personal data is processed, without unintended results
Data Quality and Data Governance for GDPR compliance
Highly complimentary tools
Data Governance enables consistency and compliance as to how data is collected, stored, accessed, used and processed
Data Quality is a key enabler of data governance, including:
– Discovering sources of, and relationships between, personal data based on actual content
– Enriches data governance system with deeper content and insight
– Applying business rules to assess data quality throughout data transformation processes
• Helps verify how personal data is processed, without unintended results
Essential DQ/DG content for GDPR:
Data relationship maps
Data lineage graphs
38
Data Quality and Data Governance for GDPR compliance
Associate quality measures to your critical data elements.
Data Quality and Data Governance for GDPR compliance
Gain insight into where data quality might be compromised by data transformations and why.
Understand any changes that may impact critical data elements and data quality.
43Syncsort Confidential and Proprietary - do not copy or distribute
GDPR also provides an opportunity to put together a more comprehensive data quality and data governance capability that
provides more than compliance with confidence.
It also enables confidence in your data and putting it to effective use to achieve increased revenues, customer loyalty and competitiveness.