The General Data Protection Regulation is a European Union act that requires organizations with data from any citizen of an EU country to have certain data privacy guards in place.
Privacy is not a new dimension of data management, nor is it only part of a GDPR compliance checklist. It is a major issue for any organization's risk management, since most organizations collect some forms of personal data that could be combined to identify an individual. Leaving that data accessible and open to threats and events of malicious usage, accidental disclosure or other challenges is a main reason for the creation of the GDPR.
The following steps may be useful for organizations to include on a GDPR compliance checklist:
- Perform a current state analysis of the people, processes and technology capabilities that collect, process and manage privacy and security controls for personally identifiable information (PII) of customers and employees. Include data sources and the metadata -- business and technical -- for each attribute.
- Understand the difference between a privacy and security classification and instruct business and technical data stewards accordingly for all PII. Then, implement these classifications appropriately and consistently.
- Implement the proper metadata management for data and train data governance professionals and business and technical data stewards in the organization's approach to metadata management. Glossaries, data dictionaries, etc., should note all PII and their classifications.
- Integrate data privacy and data security into all the data management efforts as part of your GDPR compliance checklist, including data quality, master and reference data management, data warehousing, and BI and analytics. PII data can travel far and wide!
Dig Deeper on Data governance strategy
Related Q&A from Anne Marie Smith, Ph.D.
Consultant Anne Marie Smith details five challenges that an organization may face in applying data governance policies to data lakes and offers ... Continue Reading
An enterprise data catalog can help data stewards and other users in an organization manage metadata and explore data assets. Here are 10 key steps ... Continue Reading
Expert Anne Marie Smith shares five reasons why organizations' analytics programs might fail and how a data management framework and other programs ... Continue Reading