©2017 Talend
16 Practical Steps to GDPR Compliance
Sunil Soares (Information Asset) and Jean-Michel Franco (Talend)
Watch the replay of this presentation: https://info.talend.com/en_tld_outlining_practicalsteps_gdpr_compliance.html
About us
Sunil Soares, Information Asset, @sunilsoares1
• Founder & Managing Partner
• Thought leader in the Data Governance industry
• Authored eight books on Data Management, Data Governance, and Data Sovereignty
• Information Asset is a boutique consulting firm focused on delivering Data Governance to diverse clients in multiple industries
Jean-Michel Franco, Talend, @jmichel_franco
• Sr Product Marketing Director, Data governance
• 25 years of experience in Data Management and BI
• Authored 4 books, and regular publications and blogs on data governance
• Talend is a next-generation leader in cloud and big data integration software that helps companies make data a strategic asset.
About the EU General Data Protection Regulation
• The EU published the General Data Protection Regulation (GDPR) in May 2016
• After a two-year transition period, the GDPR will go into effect on May 25, 2018
• The GDPR applies to the processing of personal data of all data subjects, including customers, employees, and prospects
• Non-compliance with the GDPR may result in huge fines, which can be the higher of €20M or four percent of the organization’s worldwide revenues
Global Data Privacy is Multi-Dimensional
• Multiple subject areas
  • Customer, Employee, Citizen, Vendor…
• Emerging data types
  • Internet of Things, Biometrics…
• Multiple jurisdictions
  • EU, Canada, Australia, U.S….
• Rapidly changing regulations
  • GDPR, CASL, HIPAA…
Poll #1: How Far Along Are You with GDPR?
• Not started: 48%
• Conducting risk assessment: 32%
• Doing data mappings: 18%
• Further along: 2%
A 16 Step Data Governance Plan for GDPR Compliance
1. Develop Policies, Standards & Controls
2. Create Data Taxonomy
3. Confirm Data Owners
4. Identify Critical Datasets & Critical Data Elements
5. Establish Data Collection Standards
6. Define Acceptable Use Standards
7. Establish Data Masking Standards
8. Conduct Data Protection Impact Assessments
9. Conduct Vendor Risk Assessments
10. Improve Data Quality
11. Stitch Data Lineage
12. Govern Analytical Models
13. Manage End User Computing
14. Govern the Lifecycle of Information
15. Set up Data Sharing Agreements
16. Enforce Compliance with Controls
Operationalizing the 16-step plan with Talend
Goal: Talend solution(s)
• Map the critical data elements across your datasets: Metadata Manager
• Track and trace data with audit trails and data lineage: Metadata Manager, Master Data Management
• Anonymize data for controlled privacy protection: Data Quality (incl. data masking and shuffling)
• Establish a data lake for trusted data & consent mgmt.: Big Data, Master Data Management
• Foster accountability for governance and stewardship: Data Preparation, Data Stewardship
• Share data with your data subjects: Data Integration, Data Services
Step 2: Create Data Taxonomy
• Collaborate with data architecture to classify data into categories and sub-categories
  • Customer, employee, prospect, vendor, franchisee
• Example for employees:
  Employee: Salary & Benefits; Identity; Contacts; Health information; Social media; Employee Performance
Poll #2: Have you agreed on a consistent definition of 'personal data' for GDPR purposes?
• No: 53%
• Yes: 47%
Step 4: Identify Critical Datasets & Critical Data Elements
• GDPR Article 4 defines ‘personal data’ as any information relating to an identified or identifiable natural person… by reference to an identifier such as name, identification number, location data, an online identifier…
• GDPR Article 9 restricts the processing of data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership…
• Data Governance must work with Legal and Privacy to define ‘personal data’ for the GDPR
• Example: an item code ‘Halal’ may be covered by Article 9 because it may point to a data subject’s religion
Step 5 & 6: Data Collection & Acceptable Use Standards
• GDPR Article 6 – Lawfulness of Processing
• GDPR Article 7 – Conditions for Consent
• Data Governance must establish controls so that Legal and Privacy sign off on data collection for any new project during the design phase
• Example: creating an Enterprise Consent Repository with MDM
Step 7: Establish Data Masking Standards
• GDPR Recital 26 & Article 11 state that the principles of data protection should not apply to anonymous information
• GDPR Article 32 deals with the security of personal data
• Example: anonymizing salary benefits data for data science and analytics
Step 11: Stitch Data Lineage
• GDPR Article 30 requires organizations to maintain a record of processing activities
• This record must include
  • a description of the categories and the categories of recipients of personal data, including those in third countries or international organizations;
  • transfers of personal data to a third country or an international organization
• The recordkeeping requirements also extend to so-called processors who process data on behalf of an organization
• Critical step: mapping of personal data elements to applications
Step 12: Govern Analytical Models
• GDPR Article 22 deals with Automated individual decision-making
• Under many privacy laws, Automated Processing is required to be disclosed and results are subject to data subject access
• “Disparate Treatment” versus “Disparate Impact”
• Example:
  • predictive models may highlight that employees who live closer to work may stay longer in their jobs but the models may discriminate against minority candidates in certain zip codes
Step 13: Manage End User Computing
• End User Computing (EUC) applications are outside the control of the IT department
• EUCs include Microsoft Excel spreadsheets, Microsoft Access databases and SharePoint repositories
• EUCs may contain personal data that is still subject to GDPR compliance, including data masking requirements
• Example: reclaiming control over user-managed personal data with self-service tools
Step 14: Govern the Lifecycle of Information
• GDPR Article 17 deals with Right to Erasure or the ‘Right to be Forgotten’
• Manage information throughout its lifecycle (ILM), from creation through disposal, including compliance with legal, regulatory, and privacy requirements
• Manage retention schedules
• Example: How do you forget a data subject if you do not know where their information resides in the first place?
Step 16: Enforce Compliance with GDPR Controls
GDPR Article (Sample): GDPR Description, GDPR Controls, Talend Tooling
Article 6: Lawfulness of processing
• GDPR controls: Sign-offs by legal and compliance during the design phase of any new project that requires the processing of personal data
• Talend tooling: Talend Metadata Manager, Talend MDM
Article 7: Conditions for consent
• GDPR controls: Obtain informed consent of data subjects
• Talend tooling: Talend MDM, Talend Big Data, Talend Data Quality
Article 9: Processing of special categories of personal data, such as race and ethnic origin
• GDPR controls: Identification of special data categories as CDEs; sign-off by legal and compliance on usage of special categories of data during the design phase of a project
• Talend tooling: Talend Metadata Manager, Talend MDM
Article 11: Processing which does not require identification
• GDPR controls: Data masking
• Talend tooling: Talend Data Quality, Talend Data Preparation
Article 30: Records of processing activities
• GDPR controls: Data lineage for sensitive data within the enterprise and extending to processors and sub-processors
• Talend tooling: Talend Metadata Manager
Poll #3: Considering Tools for GDPR Compliance?
[Bar chart, horizontal axis 0% to 30%, one bar per option: Data Governance; Data Masking; Data Quality & integration; Data Stewardship; Metadata Management]
Suggested next steps towards GDPR Compliance
• Read our White paper: 16 Practical Steps towards GDPR Compliance
• Evaluate Talend tools at www.talend.com
• Define ‘personal data’ for GDPR with respect to your organization
• Map personal data elements to applications
• Above all, drive alignment between Legal, Compliance, Privacy and Enterprise Data Management to re-use existing data governance program to support GDPR compliance
Thank You!
White Paper Available Soon : www.talend.com

 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 

Recently uploaded (20)

The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 

Practical steps to GDPR compliance

  • 1. 16 Practical Steps to GDPR Compliance. Sunil Soares (Information Asset) and Jean-Michel Franco (Talend). ©2017 Talend
  • 4. About us. Sunil Soares, Information Asset, @sunilsoares1 • Founder & Managing Partner • Thought leader in the Data Governance industry • Authored eight books on Data Management, Data Governance, and Data Sovereignty • Information Asset is a boutique consulting firm focused on delivering Data Governance to diverse clients in multiple industries. Jean-Michel Franco, Talend, @jmichel_franco • Sr Product Marketing Director, Data governance • 25 years of experience in Data Management and BI • Authored 4 books, and regular publications and blogs on data governance • Talend is a next-generation leader in cloud and big data integration software that helps companies make data a strategic asset.
  • 5. About the EU General Data Protection Regulation • The EU published the General Data Protection Regulation (GDPR) in May 2016 • After a two-year transition period, the GDPR will go into effect on May 25, 2018 • The GDPR applies to the processing of personal data of all data subjects, including customers, employees, and prospects • Non-compliance with the GDPR may result in huge fines, which can be the higher of €20M or four percent of the organization’s worldwide revenues
  • 6. Global Data Privacy is Multi-Dimensional • Multiple subject areas: Customer, Employee, Citizen, Vendor… • Emerging data types: Internet of Things, Biometrics… • Multiple jurisdictions: EU, Canada, Australia, U.S.… • Rapidly changing regulations: GDPR, CASL, HIPAA…
  • 7. Poll #1: How Far Along Are You with GDPR? Not started 48%; Conducting risk assessment 32%; Doing data mappings 18%; Further along 2%
  • 8. A 16 Step Data Governance Plan for GDPR Compliance: 1. Develop Policies, Standards & Controls 2. Create Data Taxonomy 3. Confirm Data Owners 4. Identify Critical Datasets & Critical Data Elements 5. Establish Data Collection Standards 6. Define Acceptable Use Standards 7. Establish Data Masking Standards 8. Conduct Data Protection Impact Assessments 9. Conduct Vendor Risk Assessments 10. Improve Data Quality 11. Stitch Data Lineage 12. Govern Analytical Models 13. Manage End User Computing 14. Govern the Lifecycle of Information 15. Set up Data Sharing Agreements 16. Enforce Compliance with Controls
  • 9. Operationalizing the 16-step plan with Talend (Goal: Talend solution(s))
    • Map the critical data elements across your datasets: Metadata Manager
    • Track and trace data with audit trails and data lineage: Metadata Manager, Master Data Management
    • Anonymize data for controlled privacy protection: Data Quality (incl. data masking and shuffling)
    • Establish a data lake for trusted data & consent mgmt.: Big Data, Master Data Management
    • Foster accountability for governance and stewardship: Data Preparation, Data Stewardship
    • Share data with your data subjects: Data Integration, Data Services
  • 10. Step 2: Create Data Taxonomy • Collaborate with data architecture to classify data into categories and sub-categories • Customer, employee, prospect, vendor, franchisee • Example for employees (diagram labels): Employee; Salary & Benefits; Identity; Contacts; Health information; Social media; Employee Performance
  • 11. Poll #2: Have you agreed on a consistent definition of 'personal data' for GDPR purposes? No 53%; Yes 47%
  • 12. Step 4: Identify Critical Datasets & Critical Data Elements • GDPR Article 4 defines ‘personal data’ as any information relating to an identified or identifiable natural person… by reference to an identifier such as name, identification number, location data, an online identifier… • GDPR Article 9 restricts the processing of data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership… • Data Governance must work with Legal and Privacy to define ‘personal data’ for the GDPR • Example: an item code ‘Halal’ may be covered by Article 9 because it may point to a data subject’s religion
  • 13. Step 5 & 6: Data Collection & Acceptable Use Standards • GDPR Article 6 – Lawfulness of Processing • GDPR Article 7 – Conditions for Consent • Data Governance must establish controls so that Legal and Privacy sign off on data collection for any new project during the design phase • Example: creating an Enterprise Consent Repository with MDM
  • 14. Step 7: Establish Data Masking Standards • GDPR Recital 26 & Article 11 state that the principles of data protection should not apply to anonymous information • GDPR Article 32 deals with the security of personal data • Example: anonymizing salary benefits data for data science and analytics
  • 15. Step 11: Stitch Data Lineage • GDPR Article 30 requires organizations to maintain a record of processing activities • This record must include: a description of the categories and the categories of recipients of personal data, including those in third countries or international organizations; transfers of personal data to a third country or an international organization • The recordkeeping requirements also extend to so-called processors who process data on behalf of an organization • Critical step: mapping of personal data elements to applications
  • 16. Step 12: Govern Analytical Models • GDPR Article 22 deals with automated individual decision-making • Under many privacy laws, Automated Processing is required to be disclosed and results are subject to data subject access • “Disparate Treatment” versus “Disparate Impact” • Example: predictive models may highlight that employees who live closer to work may stay longer in their jobs, but the models may discriminate against minority candidates in certain zip codes
  • 17. Step 13: Manage End User Computing • End User Computing (EUC) applications are outside the control of the IT department • EUCs include Microsoft Excel spreadsheets, Microsoft Access databases and SharePoint repositories • EUCs may contain personal data that is still subject to GDPR compliance, including data masking requirements • Example: reclaiming control over user-managed personal data with self-service tools
  • 18. Step 14: Govern the Lifecycle of Information • GDPR Article 17 deals with Right to Erasure or the ‘Right to be Forgotten’ • Manage information throughout its lifecycle (ILM), from creation through disposal, including compliance with legal, regulatory, and privacy requirements • Manage retention schedules • Example: How do you forget a data subject if you do not know where their information resides in the first place?
  • 19. Step 16: Enforce Compliance with GDPR Controls (columns: GDPR Article (Sample); GDPR Description; GDPR Controls; Talend Tooling)
    • Article 6; Lawfulness of processing; Controls: sign-offs by legal and compliance during the design phase of any new project that requires the processing of personal data; Tooling: Talend Metadata Manager, Talend MDM
    • Article 7; Conditions for consent; Controls: obtain informed consent of data subjects; Tooling: Talend MDM, Talend Big Data, Talend Data Quality
    • Article 9; Processing of special categories of personal data, such as race and ethnic origin; Controls: identification of special data categories as CDEs, and sign-off by legal and compliance on usage of special categories of data during the design phase of a project; Tooling: Talend Metadata Manager, Talend MDM
    • Article 11; Processing which does not require identification; Controls: data masking; Tooling: Talend Data Quality, Talend Data Preparation
    • Article 30; Records of processing activities; Controls: data lineage for sensitive data within the enterprise and extending to processors and sub-processors; Tooling: Talend Metadata Manager
  • 20. Poll #3: Considering Tools for GDPR Compliance? [Bar chart, axis from 0% to 30%; options: Data Governance, Data Masking, Data Quality & integration, Data Stewardship, Metadata Management]
  • 21. Suggested next steps towards GDPR Compliance • Read our White paper: 16 Practical Steps towards GDPR Compliance • Evaluate Talend tools at www.talend.com • Define ‘personal data’ for GDPR with respect to your organization • Map personal data elements to applications • Above all, drive alignment between Legal, Compliance, Privacy and Enterprise Data Management to re-use existing data governance program to support GDPR compliance
  • 22. Thank You! White Paper Available Soon: www.talend.com. 16 Practical Steps to GDPR Compliance. Sunil Soares (Information Asset) and Jean-Michel Franco (Talend). ©2017 Talend