úterý 24. října 2017

Technology and GDPR: Is your platform ready?

Technology and GDPR: Is your platform ready?
By David Mackay, associate vice president of business development, Ness Digital Engineering
Cituji z úvodu:
"There are several common challenges arising from GDPR that companies should consider when it comes to making their technology platforms GDPR compliant."
Plné znění článku najdete na adrese:
https://www.itproportal.com/features/technology-and-gdpr-is-your-platform-ready/
Cituji vybrané části textu:
"While numerous “toolkits” of varying degrees of sophistication are available to help companies assess the degree of process compliance that currently exists within their organisations, and to provide process flows that facilitate compliance, little has been discussed around GDPR’s impact on technology platforms currently holding all that data. One reason is because each company or organisation has a unique mix of technologies, people and processes involved, so it is difficult to generalise. However, there are several common challenges arising from GDPR that companies should consider when it comes to making their technology platforms GDPR compliant.
"One way to address this data handling transparency requirement is to revisit a company’s enterprise data architecture to better understand where PII data exists. "
"Identifying where PII data exists can be further addressed by implementing more holistic search capabilities, ensuring a company can search across all its technology platforms and archives for specific keys or identifiers relating to individuals."
"This requires the reporting of information in a way that explains what data is being held (i.e. structured information versus raw computer data) and how an organisation is processing it to derive insights about that individual. These SARs can come from any number of (mostly digital) channels and may need to be delivered back via that same channel with an appropriate user experience."
"Companies will almost certainly need to upgrade existing data platforms, and in most cases, implement a new data governance technology platform to facilitate and automate their ability to comply with GDPR legislation. However, the specific needs of GDPR are not well handled out-of-the-box by existing data governance products that offer a generic solution, as much of the effort required will be bespoke to each organisation’s existing data platforms."
"When it comes to concerns about GDPR’s impact on technology and data platforms, organisations should consider carrying out a GDPR data platform audit and make specific recommendations to address technology shortfalls."