Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Data Foundations for GDPR


Published on

To comply with GDPR, you first need to know where your data is. Find out how the CloverETL Harvester can crawl all data across your organization and tell you where you have Personally Identifiable Information (PII)
To find out more, just drop us a line:

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Data Foundations for GDPR

  1. 1. Data Foundations for GDPR How CloverETL can help you get your data ready
  2. 2. 3 Sides of GDPR To comply with GDPR regulations, you need to look at 3 different parts of your business. The legal side Are all your consent forms, paperwork, etc. complying with what GDPR requires? The processes you manage What are you doing with sensitive data now, and how might that need to change? The data itself Do you know what sensitive data you actually have? And where? If you don’t know and understand your data, you might build your legal and process changes on faulty assumptions — failing to comply without even knowing. Legal Data Process 1 2 3
  3. 3. To be able to manage your data properly, you first need to know where it is. Just because a field in your database isn’t labelled as Personally Identifiable Information (PII), it doesn’t mean that it doesn’t contain any. Knowing Where Your Data Is PROBLEM 1 THE PII MAP How It Works The CloverETL Harvester can crawl all your data, and tell you where you really have PII. The Harvester builds a complete map of where your sensitive data exists. Harvester is first “trained” on sensitive domains and data samples Profiles your data and reports statistics on the sensitive matches including weighting scores Our analysts then finish the process by examining and polishing the results 1 2 3
  4. 4. Anonymizing your data can be a way of complying with GDPR in certain scenarios. Simple anonymization (like masking PII with ‘*’) can limit the usability of data, so instead, enter pseudonymization: Anonymization PROBLEM 2 ANONYMIZATION ENGINE Pseudoanonymization processes can break the link between personal info and other data, but retain some of the data’s previous qualities The anonymisation engine also enables extension of GDPR compliance to broader use of your data – for example sharing portions of pseudoanonymized data as reliable test data sets with software vendors
  5. 5. Data consent under GDPR is about to get complicated. Various levels of consent need to be managed across a multitude of applications, reflecting consumer requests to withdraw or modify their preferences at any time. Managing Consent PROBLEM 3 DATA CONNECTIONS CloverETL helps manage data across applications, so consent information can be centralized and shared from a single source of truth New connections can be built between applications so each aspect of the organization is using the same, accurate information to ensure compliance
  6. 6. With new rights for consumers to manage their data, it’s likely organizations will find themselves handling many more requests to change consent or delete data (the ‘right to be forgotten’). It will be hard, if not impossible, to continue handling these manually. Executing Data Rights PROBLEM 4 AUTOMATIC PROCESSING With the PII Map, it becomes easy to see exactly where information about a data subject sits, so changes can be implemented properly CloverETL enables processes to be set up that automate fulfillment of consent changes, with little or no human interaction - both saving time and eliminating (potentially costly) errors
  7. 7. Under GDPR, organizations are required to maintain audit trails of every data interaction – where the data came from, what happens to it and where it’s being shipped to. Reporting and Auditing PROBLEM 5 COMPLETE DATA HISTORY CloverETL’s reporting and audit capabilities can automatically log all interactions with sensitive data Audit trails can be built easily, showing the complete history of your data’s journey
  8. 8. Start Now With our help and technology, we can solve the data part of GDPR for you. Get complete understanding of all your data and back your new compliance business processes with dependable, transparent and automated data pipelines. Legal Data Process C o n t a c t C l o v e r E T L