Explore key insights on how data quality can help you achieve your GDPR compliance with confidence, including:
• GDPR readiness: What companies must be prepared for
• Why Data Quality is so critical for GDPR compliance
• How to address data-related GDPR challenges through a practical, structured approach
2. Today’s agenda: Information you need about GDPR
What is GDPR and what it changes
GDPR readiness: What preparations must be
made
Why Data Quality is critical for GDPR compliance
How Data Quality simultaneously benefits GDPR
compliance and business growth
3. What is the General Data Protection Regulation (GDPR)
Had GDPR been in place for the past five years, FTSE 100 companies with significant
customer interactions that incurred a known data breach during that time could have
owed up to £25 billion in fines to EU regulators, or £5 billion annually.
Source: Oliver Wyman, Global Management Consultancy (May 2017)
4. GDPR Readiness:
Companies must prepare for new customer demands
Customers will assert their new rights:
What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated
marketing based on customer profile
5. Customers will assert their new rights:
What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated
marketing based on customer profile
GDPR Readiness:
Companies must prepare for new customer demands
To comply, companies must already know:
What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customer personal data ?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data
buried within long text fields, incorrect fields; etc.
6. GDPR Readiness:
Companies must prepare for new customer demands
Customers will assert their new rights:
What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated
marketing based on customer profile
To comply, companies must already know:
What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data
buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
7. GDPR Readiness:
Companies must prepare for new customer demands
Customers will assert their new rights:
What do you know about me?
– Right to access data; receive a copy of data
This data about me is wrong; fix it!
– Right to inaccurate data correction
Erase all my data for good!
– Right to be forgotten
Has my data been breached?
– Right to be informed within 72 hours
How do you use what you know about me?
– Right to…limit processing of personal data
– object to how it is processed
– not participate in automated
marketing based on customer profile
To comply, companies must already know:
What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will span many sources, in various conditions
– Often hidden; not identified by metadata; e.g., data
buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
How ARE we processing customer data?
– Who is using it? For what purpose(s)?
– Where did it come from? Where does it go?
– Are we processing personal data as intended –
lawfully, securely, completely…?
8. GDPR Readiness:
Companies must prepare for new regulatory demands
Regulators will have new expectations:
Document proof your company’s personal data
processing adheres to GDPR principles (art. 5):
– Processed lawfully, transparently
– Collected for specific purposes
– Limited to data relevant for specific purposes
– Kept accurate and current
– Processed securely and protected
Provide documentation details as noted in
multiple GDPR articles, including:
– Record Processing Activities (art. 30)
– Security of Processing (art. 32)
– Data Protection Impact Assessment (art. 35)
To comply, companies must apply their
answers to previously-noted questions…
What DO we know about a given customer?
Where IS our customer data?
Is our customer contact information current?
How ARE we processing customer data?
… in the form of new business processes
providing evidence of GDPR compliance.
10. Why Data Quality is critical for GDPR compliance
Acquiring this knowledge
requires new discovery
processes.
Customers will assert their new rights.
To comply, companies must already know:
What DO we know about a given customer?
– Personal data and sensitive personal data
Where IS our customers’ personal data?
– Data will likely span many sources/silos
– Often hidden; not identified by metadata; e.g., data
buried within long text fields, incorrect fields; etc.
Is our customer contact information current?
– Also: Current contact preferences/data usage rights?
How ARE we processing customer data?
– Who is using it? For what purpose(s)?
– Where did it come from? Where does it go?
– Are we processing personal data as intended –
lawfully, securely, completely…?
11. Why Data Quality is critical for GDPR compliance
Lack of Standardisation risks
exposure of Personal Data
Reference/Pointer
to other personal
data usage
Personal Data Fields
12. Why Data Quality is critical for GDPR compliance
Regulators will have new expectations.
To comply, companies must apply their
answers to previously-noted questions…
What DO we know about a given customer?
Where IS our customer data?
Is our customer contact information current?
How ARE we processing customer data?
… in the form of new business processes
providing evidence of GDPR compliance.
Applying knowledge gained
from new discovery processes
requires new operational
processes.
14. Data Quality in Action for GDPR
Data Profiling
process reveals
text fields with
unexpected
personal data
Data Discovery
Business rules identify
original source of
unexpected personal
data
15. Data Discovery for GDPR
Key functions:
Discover data structure; generate data statistics
Analyze data content; identify personal data and data
relationships
Identify data dependencies, keys and joins
Create and validate business rules
Quantify and prioritise data quality issues
Report on data quality metrics for accuracy, consistency
and completeness
Monitor quality thresholds and trends over time
What to look for in a tool:
Automated out of the box data profiling capability:
REST API for easy integration with other data tools
Self-serve functionality for business users
16. Data Quality in Action for GDPR
Data Profiling
process reveals
text fields with
unexpected
personal data
Data Quality ProcessingData Discovery
Business rules identify
original source of
unexpected personal
data
New data
standardisation routines
are added, ensuring
personal data is
removed
Data validation
routines measure
and monitor for
recurrences
17. Data Quality Processing for GDPR
Key Functions:
Parse data values from unstructured fields into
useful, usable new attributes
Verify and enrich global postal addresses
Standardise values for matching and linking
Enrich data with external, third-party sources
to create comprehensive, unified records
Link records spanning multiple sources of
personal data related to same customer
What to look for in a tool:
Rich functionality to cleanse data while
improving contextual understanding
19. Data Quality in Action for GDPR
Data Profiling
process reveals
text fields with
unexpected
personal data
Data Quality ProcessingData Discovery
Business rules identify
original source of
unexpected personal
data
New data
standardisation routines
are added, ensuring
personal data is
removed
Data validation
routines measure
and monitor for
recurrences
Analytics and
reports, including
GDPR policy reports
and dashboards
Integrations
Discovery API
integration with
Data Governance
app triggers issue
mgmt and controls
20. Data Quality for GDPR compliance can also grow your business
Syncsort Confidential and Proprietary - do not copy or distribute 20
GDPR also provides an opportunity to put together a more
comprehensive data quality and data governance capability that
provides more than compliance with confidence.
It also enables confidence in your data and putting it to effective use
to achieve increased revenues, customer loyalty and competitiveness.
21. Data Quality for GDPR compliance can also grow your business
360 Degree View of the Customer
Essential for successful customer
engagement and marketing campaigns
that increase revenue and reduce
customer churn
Also critical for GDPR compliance
Both are enabled by enterprise
data quality technology