SlideShare a Scribd company logo

Practical steps to GDPR compliance

Jean-Michel Franco
Jean-Michel Franco

70% of employees have access to data they should not…and that’s going to be a problem when GDPR takes affect in May 2018. A strong data governance program ensures that you have the policies, standards, and controls in place to protect data effectively and access it for decision making. Data governance may become one of the most important functions of your data integration architecture when it comes to data agility. Watch this on-demand webinar describing practical steps to data governance: - Map personal data elements to data fields across systems using metadata - Create workflows for data stewardship and manage end user computing - Establish a data lake with native data quality for consent processing - Track and manage data with audit trails and data lineage

Technology
1 of 22
Download to read offline
1 ©2017 Talend 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset) and Jean-Michel Franco (Talend)
2 https://info.talend.com/en_tld_outlining_practicalsteps_gdpr_compliance.html Watch the replay of this presentation
3 ©2017 Talend 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset) and Jean-Michel Franco (Talend)
4 About us Sunil Soares, Information Asset, @sunilsoares1 • Founder & Managing Partner • Thought leader in the Data Governance industry • Authored eight books on Data Management, Data Governance, and Data Sovereignty • Information Asset is a boutique consulting firm focused on delivering Data Governance to diverse clients in multiple industries Jean-Michel Franco, Talend, @jmichel_franco • Sr Product Marketing Director, Data governance • 25 years of experience in Data Management and BI • Authored 4 books, and regular publications and blogs on data governance • Talend is a next-generation leader in cloud and big data integration software that helps companies make data a strategic asset.
5 • The EU published the General Data Protection Regulation (GDPR) in May 2016 • After a two-year transition period, the GDPR will go into effect on May 25, 2018 • The GDPR applies to the processing of personal data of all data subjects, including customers, employees, and prospects • Non-compliance with the GDPR may result in huge fines, which can be the higher of €20M or four percent of the organization’s worldwide revenues About the EU General Data Protection Regulation
6 • Multiple subject areas • Customer, Employee, Citizen, Vendor… • Emerging data types • Internet of Things, Biometrics… • Multiple jurisdictions • EU, Canada, Australia, U.S…. • Rapidly changing regulations • GDPR, CASL, HIPAA… Global Data Privacy is Multi-Dimensional
7 Poll #1 : How Far Along Are You with GDPR? Not started 48% Conducting risk assessment 32% Doing data mappings 18% Further along 2%
8 A 16 Step Data Governance Plan for GDPR Compliance 1. Develop Policies, Standards & Controls 2. Create Data Taxonomy 3. Confirm Data Owners 4. Identify Critical Datasets & Critical Data Elements 5. Establish Data Collection Standards 6. Define Acceptable Use Standards 7. Establish Data Masking Standards 8. Conduct Data Protection Impact Assessments 9. Conduct Vendor Risk Assessments 10. Improve Data Quality 11. Stitch Data Lineage 12. Govern Analytical Models 13. Manage End User Computing 14. Govern the Lifecycle of Information 15. Set up Data Sharing Agreements 16. Enforce Compliance with Controls
9 Operationalizing the 16 steps plan with Talend Goal Talend solution(s) Map the critical data elements across your datasets Metadata Manager Track and trace data with audit trails and data linage Metadata Manager Master Data Management Anonymize data for controlled privacy protection Data Quality (incl. Data masking and shuffling) Establish a data lake for trusted data & consent mgmt. Big Data Master Data Management Foster accountability for governance and stewardship Data Preparation Data Stewardship Share data with your data subjects Data Integration Data Services
10 • Collaborate with data architecture to classify data into categories and sub- categories • Customer, employee, prospect, vendor, franchisee • Example for employees: Step 2: Create Data Taxonomy Employee Salary & Benefits Identity Contacts Health infor- mation Social media Employee Perfor- mance
11 Have you agreed on a consistent definition of 'personal data' for GDPR purposes? Poll #2 No 53% Yes 47%
12 • GDPR Article 4 defines ‘personal data’ as any information relating to an identified or identifiable natural person… by reference to an identifier such as name, identification number, location data, an online identifier… • GDPR Article 9 restricts the processing of data revealing racial or ethic origin, political opinions, religious or philosophical beliefs, trade union membership… • Data Governance must work with Legal and Privacy to define ‘personal data’ for the GDPR • Example: an item code ‘Halal’ may be covered by Article 9 because it may point to a data subject’s religion Step 4: Identify Critical Datasets & Critical Data Elements
13 • GDPR Article 6 – Lawfulness of Processing • GDPR Article 7 – Conditions for Consent • Data Governance must establish controls so that Legal and Privacy sign off on data collection for any new project during the design phase • Example: creating an Enterprise Consent Repository with MDM Step 5 & 6: Data Collection & Acceptable Use Standards
14 • GDPR Recital 26 & Article 11 state that the principles of data protection should not apply to anonymous information • GDPR Article 32 deals with the security of personal data • Example: anonymizing salary benefits data for data science and analytics Step 7: Establish Data Masking Standards
15 • GDPR Article 30 requires organizations to maintain a record of processing activities • This record must include • a description of the categories and the categories of recipients of personal data, including those in third countries or international organizations; • transfers of personal data to a third country or an international organization • The recordkeeping requirements also extend to so-called processors who process data on behalf of an organization • Critical Step  Mapping of personal data elements to applications Step 11: Stitch Data Lineage
16 • GDPR Article 22 deals with Automated individual decision-making • Under many privacy laws, Automated Processing is required to be disclosed and results are subject to data subject access • “Disparate Treatment” versus “Disparate Impact” • Example : • predictive models may highlight that employees who live closer to work may stay longer in their jobs but the models may discriminate against minority candidates in certain zip codes Step 12: Govern Analytical Models
17 • User Computing (EUC) applications are outside the control of the IT department • EUCs include Microsoft Excel spreadsheets, Microsoft Access databases and SharePoint repositories • EUCs may contain personal data that is still subject to GDPR compliance including data masking requirements • Example: reclaiming control over user managed personal data with self – service tools Step 13: Manage End User Computing
18 • GDPR Article 17 deals with Right to Erasure or the ‘Right to be Forgotten’ • Manage information throughout its lifecycle (ILM), from creation through disposal, including compliance with legal, regulatory, and privacy requirements • Manage retention schedules • Example: How do you forget a data subject if you do not know where their information resides in the first place? Step 14: Govern the Lifecycle of Information
19 Step 16: Enforce Compliance with GDPR Controls GDPR Article (Sample) GDPR Description GDPR Controls Talend Tooling Article 6 Lawfulness of processing • Sign-offs by legal and compliance during the design phase of any new project that requires the processing of personal data • Talend Metadata Manager • Talend MDM Article 7 Conditions for consent • Obtain informed consent of data subjects • Talend MDM • Talend Big Data • Talend Data Quality Article 9 Processing of special categories of personal data, such as race and ethnic origin • Identification of special data categories as CDEs • Sign-off by legal and compliance on usage of special categories of data during the design phase of a project • Talend Metadata Manager • Talend MDM Article 11 Processing which does not require identification • Data masking • Talend Data Quality • Talend Data Preparation Article 30 Records of processing activities • Data lineage for sensitive data within the enterprise and extending to processors and sub-processors • Talend Metadata Manager
20 Poll #3 : Considering Tools for GDPR Compliance? 0,00% 5,00% 10,00% 15,00% 20,00% 25,00% 30,00% Data Governance Data Masking Data Quality & integration Data Stewardship Metadata Management
21 Suggested next steps towards GDPR Compliance • Read our White paper: 16 Practical Steps towards GDPR Compliance • Evaluate Talend tools at www.talend.com • Define ‘personal data’ for GDPR with respect to your organization • Map personal data elements to applications • Above all, drive alignment between Legal, Compliance, Privacy and Enterprise Data Management to re-use existing data governance program to support GDPR compliance
22 ©2017 Talend Thank You! White Paper Available Soon : www.talend.com 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset)and Jean-Michel Franco (Talend)

Recommended

Boldon James - How Data Classification can harness the power of Big Data
Boldon James - How Data Classification can harness the power of Big DataBoldon James - How Data Classification can harness the power of Big Data
Boldon James - How Data Classification can harness the power of Big Databoldonjames
 
GDPR RACI.pdf
GDPR RACI.pdfGDPR RACI.pdf
GDPR RACI.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure IslandsSecure Islands - Data Security Policy
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss PreventionReza Kopaee
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and ComplianceAmazon Web Services
 
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
 

Recommended

Boldon James - How Data Classification can harness the power of Big Data
Boldon James - How Data Classification can harness the power of Big DataBoldon James - How Data Classification can harness the power of Big Data
Boldon James - How Data Classification can harness the power of Big Databoldonjames
 
GDPR RACI.pdf
GDPR RACI.pdfGDPR RACI.pdf
GDPR RACI.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure IslandsSecure Islands - Data Security Policy
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss PreventionReza Kopaee
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and ComplianceAmazon Web Services
 
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
 
Training privacy by design
Training privacy by designTraining privacy by design
Training privacy by designTommy Vandepitte
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskSarah Clarke
 
Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...Alan McSweeney
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
Data classification-policy
Data classification-policyData classification-policy
Data classification-policyCoi Xay
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPECB
 
ISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyControlCase
 
Data Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata HarmonisationData Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata HarmonisationAlan McSweeney
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentationJamesDempsey1
 
Checklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR complianceChecklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR complianceSarah Fox
 
Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security FrameworkKarthikeyan Dhayalan
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykEryk Budi Pratama
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaFahmi Albaheth
 
ISO 27001
ISO 27001ISO 27001
ISO 27001n|u - The Open Security Community
 
Data Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesData Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesDATAVERSITY
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentationSudarsan Reddy
 
Where's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency ChallengeWhere's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency ChallengeCloud Standards Customer Council
 
How to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataHow to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataNeo4j
 

More Related Content

What's hot

Training privacy by design
Training privacy by designTraining privacy by design
Training privacy by designTommy Vandepitte
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskSarah Clarke
 
Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...Alan McSweeney
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
Data classification-policy
Data classification-policyData classification-policy
Data classification-policyCoi Xay
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPECB
 
ISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyControlCase
 
Data Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata HarmonisationData Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata HarmonisationAlan McSweeney
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentationJamesDempsey1
 
Checklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR complianceChecklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR complianceSarah Fox
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykEryk Budi Pratama
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaFahmi Albaheth
 
Data Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesData Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesDATAVERSITY
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 

What's hot (20)

Training privacy by design
Training privacy by designTraining privacy by design
Training privacy by design
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the risk
 
Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...Data, Information And Knowledge Management Framework And The Data Management ...
Data, Information And Knowledge Management Framework And The Data Management ...
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
Data classification-policy
Data classification-policyData classification-policy
Data classification-policy
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
 
ISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of PrivacyISO 27001 In The Age Of Privacy
ISO 27001 In The Age Of Privacy
 
Data Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata HarmonisationData Profiling, Data Catalogs and Metadata Harmonisation
Data Profiling, Data Catalogs and Metadata Harmonisation
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentation
 
Checklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR complianceChecklist for SMEs for GDPR compliance
Checklist for SMEs for GDPR compliance
 
Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security Framework
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
 
Data Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesData Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & Approaches
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
 

Similar to Practical steps to GDPR compliance

How to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataHow to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataNeo4j
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfmsacs
 
SureSkills GDPR - Discover the Smart Solution
SureSkills GDPR - Discover the Smart Solution SureSkills GDPR - Discover the Smart Solution
SureSkills GDPR - Discover the Smart Solution Google
 
Get doing GDPR right now! IRMS May 2018
Get doing GDPR right now! IRMS May 2018Get doing GDPR right now! IRMS May 2018
Get doing GDPR right now! IRMS May 2018Metataxis
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsUlf Mattsson
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionInfoGoTo
 
Building the Governance Ready Enterprise for GDPR Compliance
Building the Governance Ready Enterprise for GDPR ComplianceBuilding the Governance Ready Enterprise for GDPR Compliance
Building the Governance Ready Enterprise for GDPR ComplianceIndex Engines Inc.
 
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...Denodo
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
GDPR & Your Cloud Provider - What You Need to Know
GDPR & Your Cloud Provider - What You Need to KnowGDPR & Your Cloud Provider - What You Need to Know
GDPR & Your Cloud Provider - What You Need to KnowRachel Roach
 
Handling and Processing Big Data
Handling and Processing Big DataHandling and Processing Big Data
Handling and Processing Big DataUmair Shafique
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRMatt Stubbs
 
¿En qué se parece el Gobierno del Dato a un parque de atracciones?
¿En qué se parece el Gobierno del Dato a un parque de atracciones?¿En qué se parece el Gobierno del Dato a un parque de atracciones?
¿En qué se parece el Gobierno del Dato a un parque de atracciones?Denodo
 
Creating a GDPR Action Plan; Not a Freakout Plan
Creating a GDPR Action Plan; Not a Freakout PlanCreating a GDPR Action Plan; Not a Freakout Plan
Creating a GDPR Action Plan; Not a Freakout PlanMediacurrent
 
General Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian FirmsGeneral Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian Firmsaccenture
 
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...ARMA International
 

Similar to Practical steps to GDPR compliance (20)

Where's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency ChallengeWhere's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency Challenge
 
How to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataHow to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected Data
 
GDPR How to get started?
GDPR How to get started?GDPR How to get started?
GDPR How to get started?
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdf
 
SureSkills GDPR - Discover the Smart Solution
SureSkills GDPR - Discover the Smart Solution SureSkills GDPR - Discover the Smart Solution
SureSkills GDPR - Discover the Smart Solution
 
Get doing GDPR right now! IRMS May 2018
Get doing GDPR right now! IRMS May 2018Get doing GDPR right now! IRMS May 2018
Get doing GDPR right now! IRMS May 2018
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and Retention
 
Building the Governance Ready Enterprise for GDPR Compliance
Building the Governance Ready Enterprise for GDPR ComplianceBuilding the Governance Ready Enterprise for GDPR Compliance
Building the Governance Ready Enterprise for GDPR Compliance
 
GDPR- The Buck Stops Here
GDPR- The Buck Stops HereGDPR- The Buck Stops Here
GDPR- The Buck Stops Here
 
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...
Implementar una estrategia eficiente de gobierno y seguridad del dato con la ...
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
GDPR & Your Cloud Provider - What You Need to Know
GDPR & Your Cloud Provider - What You Need to KnowGDPR & Your Cloud Provider - What You Need to Know
GDPR & Your Cloud Provider - What You Need to Know
 
Handling and Processing Big Data
Handling and Processing Big DataHandling and Processing Big Data
Handling and Processing Big Data
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPR
 
¿En qué se parece el Gobierno del Dato a un parque de atracciones?
¿En qué se parece el Gobierno del Dato a un parque de atracciones?¿En qué se parece el Gobierno del Dato a un parque de atracciones?
¿En qué se parece el Gobierno del Dato a un parque de atracciones?
 
Creating a GDPR Action Plan; Not a Freakout Plan
Creating a GDPR Action Plan; Not a Freakout PlanCreating a GDPR Action Plan; Not a Freakout Plan
Creating a GDPR Action Plan; Not a Freakout Plan
 
General Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian FirmsGeneral Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian Firms
 
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
 

More from Jean-Michel Franco

A commonsense approach to data
A commonsense approach to dataA commonsense approach to data
A commonsense approach to dataJean-Michel Franco
 
Prendre la data par le bon sens
Prendre la data par le bon sensPrendre la data par le bon sens
Prendre la data par le bon sensJean-Michel Franco
 
Reveal the Intelligence in your Data with Talend Data Fabric
Reveal the Intelligence in your Data with Talend Data FabricReveal the Intelligence in your Data with Talend Data Fabric
Reveal the Intelligence in your Data with Talend Data FabricJean-Michel Franco
 
Dévoilez l'essentiel de vos données avec Talend
Dévoilez l'essentiel de vos données avec TalendDévoilez l'essentiel de vos données avec Talend
Dévoilez l'essentiel de vos données avec TalendJean-Michel Franco
 
3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences
3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences
3 Steps to Turning CCPA & Data Privacy into Personalized Customer ExperiencesJean-Michel Franco
 
Delivering data governance with a Yes
Delivering data governance with a YesDelivering data governance with a Yes
Delivering data governance with a YesJean-Michel Franco
 
Delivering data you can trust with Talend 2019
Delivering data you can trust with Talend 2019 Delivering data you can trust with Talend 2019
Delivering data you can trust with Talend 2019 Jean-Michel Franco
 
Delivering data you can trust for data privacy
Delivering data you can trust for data privacy Delivering data you can trust for data privacy
Delivering data you can trust for data privacy Jean-Michel Franco
 
Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”Jean-Michel Franco
 
Libérez vos données avec un catalogue de données
Libérez vos données avec un catalogue de donnéesLibérez vos données avec un catalogue de données
Libérez vos données avec un catalogue de donnéesJean-Michel Franco
 
Liberating data with Talend Data Catalog
Liberating data with Talend Data CatalogLiberating data with Talend Data Catalog
Liberating data with Talend Data CatalogJean-Michel Franco
 
Delivering Analytics at Scale with a Governed Data Lake
Delivering Analytics at Scale with a Governed Data LakeDelivering Analytics at Scale with a Governed Data Lake
Delivering Analytics at Scale with a Governed Data LakeJean-Michel Franco
 
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claims
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claimsGDPR Benhmark: 70% of companies failing on their own GDPR compliance claims
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claimsJean-Michel Franco
 
Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Jean-Michel Franco
 
Operationalising gdpr compliance with data management
Operationalising gdpr compliance with data managementOperationalising gdpr compliance with data management
Operationalising gdpr compliance with data managementJean-Michel Franco
 
Delivering analytics at scale with a governed data lake
Delivering analytics at scale with a governed data lakeDelivering analytics at scale with a governed data lake
Delivering analytics at scale with a governed data lakeJean-Michel Franco
 
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...Jean-Michel Franco
 
Créer la vue 360° des employés
Créer la vue 360° des employés Créer la vue 360° des employés
Créer la vue 360° des employés Jean-Michel Franco
 
Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Jean-Michel Franco
 

More from Jean-Michel Franco (20)

A commonsense approach to data
A commonsense approach to dataA commonsense approach to data
A commonsense approach to data
 
Prendre la data par le bon sens
Prendre la data par le bon sensPrendre la data par le bon sens
Prendre la data par le bon sens
 
Reveal the Intelligence in your Data with Talend Data Fabric
Reveal the Intelligence in your Data with Talend Data FabricReveal the Intelligence in your Data with Talend Data Fabric
Reveal the Intelligence in your Data with Talend Data Fabric
 
Dévoilez l'essentiel de vos données avec Talend
Dévoilez l'essentiel de vos données avec TalendDévoilez l'essentiel de vos données avec Talend
Dévoilez l'essentiel de vos données avec Talend
 
3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences
3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences
3 Steps to Turning CCPA & Data Privacy into Personalized Customer Experiences
 
Delivering data governance with a Yes
Delivering data governance with a YesDelivering data governance with a Yes
Delivering data governance with a Yes
 
Delivering data you can trust with Talend 2019
Delivering data you can trust with Talend 2019 Delivering data you can trust with Talend 2019
Delivering data you can trust with Talend 2019
 
Delivering data you can trust for data privacy
Delivering data you can trust for data privacy Delivering data you can trust for data privacy
Delivering data you can trust for data privacy
 
Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”Deliver Data Governance with a “Yes”
Deliver Data Governance with a “Yes”
 
Libérez vos données avec un catalogue de données
Libérez vos données avec un catalogue de donnéesLibérez vos données avec un catalogue de données
Libérez vos données avec un catalogue de données
 
Liberating data with Talend Data Catalog
Liberating data with Talend Data CatalogLiberating data with Talend Data Catalog
Liberating data with Talend Data Catalog
 
Delivering Analytics at Scale with a Governed Data Lake
Delivering Analytics at Scale with a Governed Data LakeDelivering Analytics at Scale with a Governed Data Lake
Delivering Analytics at Scale with a Governed Data Lake
 
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claims
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claimsGDPR Benhmark: 70% of companies failing on their own GDPR compliance claims
GDPR Benhmark: 70% of companies failing on their own GDPR compliance claims
 
Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...
 
Operationalising gdpr compliance with data management
Operationalising gdpr compliance with data managementOperationalising gdpr compliance with data management
Operationalising gdpr compliance with data management
 
Make Data Better Together
Make Data Better Together Make Data Better Together
Make Data Better Together
 
Delivering analytics at scale with a governed data lake
Delivering analytics at scale with a governed data lakeDelivering analytics at scale with a governed data lake
Delivering analytics at scale with a governed data lake
 
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...
Enacting the Data Subjects Access Rights for GDPR with Data Services and Data...
 
Créer la vue 360° des employés
Créer la vue 360° des employés Créer la vue 360° des employés
Créer la vue 360° des employés
 
Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)
 

Recently uploaded

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data SciencePaolo Missier
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringWSO2
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 

Practical steps to GDPR compliance

  • 1. 1 ©2017 Talend 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset) and Jean-Michel Franco (Talend)
  • 3. 3 ©2017 Talend 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset) and Jean-Michel Franco (Talend)
  • 4. 4 About us Sunil Soares, Information Asset, @sunilsoares1 • Founder & Managing Partner • Thought leader in the Data Governance industry • Authored eight books on Data Management, Data Governance, and Data Sovereignty • Information Asset is a boutique consulting firm focused on delivering Data Governance to diverse clients in multiple industries Jean-Michel Franco, Talend, @jmichel_franco • Sr Product Marketing Director, Data governance • 25 years of experience in Data Management and BI • Authored 4 books, and regular publications and blogs on data governance • Talend is a next-generation leader in cloud and big data integration software that helps companies make data a strategic asset.
  • 5. 5 • The EU published the General Data Protection Regulation (GDPR) in May 2016 • After a two-year transition period, the GDPR will go into effect on May 25, 2018 • The GDPR applies to the processing of personal data of all data subjects, including customers, employees, and prospects • Non-compliance with the GDPR may result in huge fines, which can be the higher of €20M or four percent of the organization’s worldwide revenues About the EU General Data Protection Regulation
  • 6. 6 • Multiple subject areas • Customer, Employee, Citizen, Vendor… • Emerging data types • Internet of Things, Biometrics… • Multiple jurisdictions • EU, Canada, Australia, U.S…. • Rapidly changing regulations • GDPR, CASL, HIPAA… Global Data Privacy is Multi-Dimensional
  • 7. 7 Poll #1 : How Far Along Are You with GDPR? Not started 48% Conducting risk assessment 32% Doing data mappings 18% Further along 2%
  • 8. 8 A 16 Step Data Governance Plan for GDPR Compliance 1. Develop Policies, Standards & Controls 2. Create Data Taxonomy 3. Confirm Data Owners 4. Identify Critical Datasets & Critical Data Elements 5. Establish Data Collection Standards 6. Define Acceptable Use Standards 7. Establish Data Masking Standards 8. Conduct Data Protection Impact Assessments 9. Conduct Vendor Risk Assessments 10. Improve Data Quality 11. Stitch Data Lineage 12. Govern Analytical Models 13. Manage End User Computing 14. Govern the Lifecycle of Information 15. Set up Data Sharing Agreements 16. Enforce Compliance with Controls
  • 9. 9 Operationalizing the 16 steps plan with Talend Goal Talend solution(s) Map the critical data elements across your datasets Metadata Manager Track and trace data with audit trails and data linage Metadata Manager Master Data Management Anonymize data for controlled privacy protection Data Quality (incl. Data masking and shuffling) Establish a data lake for trusted data & consent mgmt. Big Data Master Data Management Foster accountability for governance and stewardship Data Preparation Data Stewardship Share data with your data subjects Data Integration Data Services
  • 10. 10 • Collaborate with data architecture to classify data into categories and sub- categories • Customer, employee, prospect, vendor, franchisee • Example for employees: Step 2: Create Data Taxonomy Employee Salary & Benefits Identity Contacts Health infor- mation Social media Employee Perfor- mance
  • 11. 11 Have you agreed on a consistent definition of 'personal data' for GDPR purposes? Poll #2 No 53% Yes 47%
  • 12. 12 • GDPR Article 4 defines ‘personal data’ as any information relating to an identified or identifiable natural person… by reference to an identifier such as name, identification number, location data, an online identifier… • GDPR Article 9 restricts the processing of data revealing racial or ethic origin, political opinions, religious or philosophical beliefs, trade union membership… • Data Governance must work with Legal and Privacy to define ‘personal data’ for the GDPR • Example: an item code ‘Halal’ may be covered by Article 9 because it may point to a data subject’s religion Step 4: Identify Critical Datasets & Critical Data Elements
  • 13. 13 • GDPR Article 6 – Lawfulness of Processing • GDPR Article 7 – Conditions for Consent • Data Governance must establish controls so that Legal and Privacy sign off on data collection for any new project during the design phase • Example: creating an Enterprise Consent Repository with MDM Step 5 & 6: Data Collection & Acceptable Use Standards
  • 14. 14 • GDPR Recital 26 & Article 11 state that the principles of data protection should not apply to anonymous information • GDPR Article 32 deals with the security of personal data • Example: anonymizing salary benefits data for data science and analytics Step 7: Establish Data Masking Standards
  • 15. 15 • GDPR Article 30 requires organizations to maintain a record of processing activities • This record must include • a description of the categories and the categories of recipients of personal data, including those in third countries or international organizations; • transfers of personal data to a third country or an international organization • The recordkeeping requirements also extend to so-called processors who process data on behalf of an organization • Critical Step  Mapping of personal data elements to applications Step 11: Stitch Data Lineage
  • 16. 16 • GDPR Article 22 deals with Automated individual decision-making • Under many privacy laws, Automated Processing is required to be disclosed and results are subject to data subject access • “Disparate Treatment” versus “Disparate Impact” • Example : • predictive models may highlight that employees who live closer to work may stay longer in their jobs but the models may discriminate against minority candidates in certain zip codes Step 12: Govern Analytical Models
  • 17. 17 • User Computing (EUC) applications are outside the control of the IT department • EUCs include Microsoft Excel spreadsheets, Microsoft Access databases and SharePoint repositories • EUCs may contain personal data that is still subject to GDPR compliance including data masking requirements • Example: reclaiming control over user managed personal data with self – service tools Step 13: Manage End User Computing
  • 18. 18 • GDPR Article 17 deals with Right to Erasure or the ‘Right to be Forgotten’ • Manage information throughout its lifecycle (ILM), from creation through disposal, including compliance with legal, regulatory, and privacy requirements • Manage retention schedules • Example: How do you forget a data subject if you do not know where their information resides in the first place? Step 14: Govern the Lifecycle of Information
  • 19. 19 Step 16: Enforce Compliance with GDPR Controls GDPR Article (Sample) GDPR Description GDPR Controls Talend Tooling Article 6 Lawfulness of processing • Sign-offs by legal and compliance during the design phase of any new project that requires the processing of personal data • Talend Metadata Manager • Talend MDM Article 7 Conditions for consent • Obtain informed consent of data subjects • Talend MDM • Talend Big Data • Talend Data Quality Article 9 Processing of special categories of personal data, such as race and ethnic origin • Identification of special data categories as CDEs • Sign-off by legal and compliance on usage of special categories of data during the design phase of a project • Talend Metadata Manager • Talend MDM Article 11 Processing which does not require identification • Data masking • Talend Data Quality • Talend Data Preparation Article 30 Records of processing activities • Data lineage for sensitive data within the enterprise and extending to processors and sub-processors • Talend Metadata Manager
  • 20. 20 Poll #3 : Considering Tools for GDPR Compliance? 0,00% 5,00% 10,00% 15,00% 20,00% 25,00% 30,00% Data Governance Data Masking Data Quality & integration Data Stewardship Metadata Management
  • 21. 21 Suggested next steps towards GDPR Compliance • Read our White paper: 16 Practical Steps towards GDPR Compliance • Evaluate Talend tools at www.talend.com • Define ‘personal data’ for GDPR with respect to your organization • Map personal data elements to applications • Above all, drive alignment between Legal, Compliance, Privacy and Enterprise Data Management to re-use existing data governance program to support GDPR compliance
  • 22. 22 ©2017 Talend Thank You! White Paper Available Soon : www.talend.com 16 Practical Steps to GDPR Compliance Sunil Soares (Information Asset)and Jean-Michel Franco (Talend)