Data Quality-Driven GDPR: Compliance with Confidence

Data Quality-Driven GDPR: Compliance with Confidence

Michael Urbonas

Director of Product Marketing

Welcome!

Michael Urbonas Director of Product Marketing, Data QualitySyncsort

15 years of software experience including…

– BI/DW & data visualization

– Data management & ETL

– Text analytics

– Enterprise search

– Enterprise content management

Today’s agenda: Information you need about GDPR

What GDPR is and what it changes

GDPR readiness: What companies must be prepared for

Why Data Quality is critical for GDPR compliance

How Data Quality simultaneously benefits GDPR compliance and business growth

How Data Quality works with Data Governance for GDPR compliance

What the General Data Protection Regulation (GDPR) is

New customer rights and controls over their personal data

New business responsibilities and restrictions regarding customers’ personal data

Applies to all companies that hold and process data on “data subjects” (all persons who residein EU; also UK)

Fines up to 4% of annual global turnover or €20 million for breaching GDPR

What the General Data Protection Regulation (GDPR) is

Had GDPR been in place for the past five years, FTSE 100 companies with significant customer interactions that incurred a known data breach during that time could have

owed up to £25 billion in fines to EU regulators, or £5 billion annually.

Source: Oliver Wyman, Global Management Consultancy (May 2017)

GDPR Readiness:Companies must prepare for new customer demands

Customers will assert their new rights:What do you know about me?

– Right to access data; receive a copy of data

This data about me is wrong; fix it!

– Right to inaccurate data correction

Erase all my data for good!

– Right to be forgotten

Has my data been breached?

– Right to be informed within 72 hours

How do you use what you know about me?

– Right to…limit processing of personal data

– object to how it is processed

– not participate in automated marketing based on customer profile


– Right to access data; receive a copy of data












To comply, companies must already know:What DO we know about a given customer?

– Personal data and sensitive personal data

Where IS our customers’ personal data?

– Data will span many sources, in various conditions

– Often hidden; not identified by metadata; e.g., data buried within long text fields, incorrect fields; etc.



– Right to access personal data
















Is our customer contact information current?

– Also: Current contact preferences/data usage rights?

GDPR Readiness: Companies must prepare for new customer demands


– Right to access personal data


















How ARE we processing customer data?

– Who is using it? For what purpose(s)?

– Where did it come from? Where does it go?

– Are we processing personal data as intended –lawfully, securely, completely…?


Regulators will have new expectations:Document proof your company’s personal data processing adheres to GDPR principles (art. 5):

– Processed lawfully, transparently

– Collected for specific purposes

– Limited to data relevant for specific purposes

– Kept accurate and current

– Processed securely and protected

Provide documentation details as noted in multiple GDPR articles, including:

– Record Processing Activities (art. 30)

– Security of Processing (art. 32)

– Data Protection Impact Assessment (art. 35)

GDPR Readiness:Companies must prepare for new regulatory demands

Regulators will have new expectations:Document proof your company’s personal data processing adheres to GDPR principles (art. 5):

– Processed lawfully, transparently

– Collected for specific purposes

– Limited to data relevant for specific purposes

– Kept accurate and current

– Processed securely and protected

Provide documentation details as noted in multiple GDPR articles, including:

– Record Processing Activities (art. 30)

– Security of Processing (art. 32)

– Data Protection Impact Assessment (art. 35)

To comply, companies must apply their answers to previously-noted questions…

What DO we know about a given customer?

Where IS our customer data?



… in the form of new business processes providing evidence of GDPR compliance.


Acquiring this knowledge requires new discovery

processes.

Customers will assert their new rights. To comply, companies must already know:




– Data will likely span many sources/silos









Regulators will have new expectations. To comply, companies must apply their answers to previously-noted questions…


Where IS our customer data?



… in the form of new business processes providing evidence of GDPR compliance.

Applying knowledge gained from new discovery processes

requires new operational processes.


Lack of Standardization risks

exposure of Personal Data

Reference/Pointer

to other personal

data usage

Personal Data Fields

How Data Quality for GDPR compliance will also grow your business

15Syncsort Confidential and Proprietary - do not copy or distribute

High quality data means that you have the right information at the right time and place for the right people to run your organization. Only an organization that has high

quality data will have the ability to comply with the GDPR.

Danette McGilvray,Data quality expert and author

The Data Quality Process

Data Profiling

Data Discovery

Business Rules & Data Quality Assessment


Data Profiling

Data Quality ProcessingData Discovery


Data Validation, Standardization

& Linking

Data Verification & Enrichment


Data Profiling




& Linking


and more…

Operational Integrations

Data Governance

Analytics & Reporting

Data Discovery

Key built-in functionality:

Automated out of the box data profiling capability:

– Discover data structure; generate data statistics

– Analyze data content; identify personal data and data relationships

– Identify data dependencies, keys and joins

REST API for easy integration with other data tools

Data Discovery

Key built-in functionality:

Automated out of the box data profiling capability:

– Discover data structure; generate data statistics

– Analyze data content; identify personal data and data relationships

– Identify data dependencies, keys and joins

REST API for easy integration with other data tools

Key self-serve functionality for business users:

Create and validate business rules

Quantify and prioritize data quality issues

Report on data quality metrics for accuracy, consistency and completeness

Monitor quality thresholds and trends over time

Data Quality Processing

Rich functionality to cleanse data while improving contextual understanding:

Parse data values from unstructured fields into useful, usable new attributes

Verify and enrich global postal addresses

Standardize values for matching and linking

Enrich data with external, third-party sources to create comprehensive, unified records

Link records spanning multiple sources of personal data related to same customer

Bring Data Quality Processing into the Data Lake

“Design once, deploy anywhere”

– Visually design data quality jobs once and run anywhere (MapReduce, Spark, Linux, Unix, Windows; on premise or in the cloud)

– Use-case templates to fast-track development

– Test & debug locally in Windows/Linux; deploy to Big Data

– Intelligent Execution dynamically optimizes data processing at run-time based on the chosen compute framework; no changes or tuning required

Single GUI

Execute Anywhere

Data Quality in Action for GDPR: Example

Data Profiling process reveals text fields with

unexpected personal data

Data Discovery




Data Discovery

Business rules identify original source of








New data standardization routines

are added, ensuring personal data is

removed









removed

Data validation routines measure and monitor for

recurrences









removed

Data validation routines measure and monitor for

recurrences

Analytics and reporting, including GDPR policy reports and dashboards

Integrations

Discovery API integration with Data Governance app triggers issue mgmtand controls



I want organisations to think to themselves: ‘We base our online user experience around what consumers want. We shape our products and services around what consumers want.

We need to shape our data protection approach around what consumers expect’.

Elizabeth Denham, UK Information Commissioner,speaking on GDPR and accountability (Jan. 2017)


360 Degree View of the Customer

Essential for successful customer engagement and marketing campaigns that boost revenue and reduce customer churn

Also critical for GDPR compliance

Both are enabled by enterprise data quality technology

Data Quality for 360 Degree View of the Customer


Data Profiling




& Linking



Data Governance



Data Profiling




& Linking


Customer 360


Data Governance


Data Quality and Data Governance for GDPR compliance

Data Governance is critical to ensuring we are processing customer

data consistently and in full regulatory compliance.






Highly complimentary tools

Data Governance enables consistency and compliance as to how data is collected, stored, accessed, used and processed

Data Quality is a key enabler of data governance, including:

– Discovering sources of, and relationships between, personal data based on actual content

– Enriches data governance system with deeper content and insight

– Applying business rules to assess data quality throughout data transformation processes

• Helps verify how personal data is processed, without unintended results


Highly complimentary tools

Data Governance enables consistency and compliance as to how data is collected, stored, accessed, used and processed

Data Quality is a key enabler of data governance, including:

– Discovering sources of, and relationships between, personal data based on actual content

– Enriches data governance system with deeper content and insight

– Applying business rules to assess data quality throughout data transformation processes

• Helps verify how personal data is processed, without unintended results

Essential DQ/DG content for GDPR:

Data relationship maps

Data lineage graphs

37


38


Associate quality measures to your critical data elements.

39


40



Gain insight into where data quality might be compromised by data transformations and why.

Understand any changes that may impact critical data elements and data quality.


GDPR also provides an opportunity to put together a more comprehensive data quality and data governance capability that

provides more than compliance with confidence.

It also enables confidence in your data and putting it to effective use to achieve increased revenues, customer loyalty and competitiveness.

Questions and Next Steps

trilliumsoftware.com/contact-us

Thank You!

Data Quality-Driven GDPR: Compliance with Confidence

Technology

Transcript of Data Quality-Driven GDPR: Compliance with Confidence