Pragmatic GDPR: Single View of Person
by Michael Hiskey | June 12, 2018
Recently, we have been asked to talk about how some of our clients are implementing real solutions for GDPR on both sides of the Atlantic. We have been joined by colleagues and partners alike in conversations including a recent web briefing, and at conferences in the UK and US.
These briefings have been ‘advanced classes’ on GDPR that focus on practical experience, rather than “What is GDPR and why should you care." Beyond the talk of scary fines, or over-promised software or consulting offerings trying to be a "Silver Bullet," in all cases, it will require the right blend of people processes and technology to successfully meet the data requirements associated with GDPR.
At IRM MDM & Data Governance Summit Europe I was joined by Semarchy partner Cliff Gibson, from GDPR Mentor. Cliff has taken the time to think deeply about regulations like IDMP and GDPR from his experience as an Enterprise Solutions Architect in Europe, and codified that into the work he now does at DBR Data. This mindmap Cliff put together is a useful way to visualize the facets of the regulation. Check out much more on his blog.
Cliff and I also joined our thinking for the aforementioned web briefing - a 20-minute fast web seminar that went over the same concept outlined in the slides below.
At the Data Governance & Information Quality Conference, I am joined by Robin Peel, Senior Customer Success Consultant, who takes the material a bit deeper into how the data requirements for GDPR extend to multiple data management capabilities -- including MDM, governance, data quality, enrichment and workflows.
There are a number of great resources to get up-to-speed on GDPR. Since I mostly come in contact with B2B organizations, I find that the ICO Guidelines from the UK seem to make for easiest reading; there is further thinking from the original text there. This is a good, searchable and reference-able resource. Of course, there is no replacement for the full 99 articles, 173 recitals and 260 page detail you can find on the EU website.
There truly is no silver bullet for GDPR. However, UK and other EEA organizations are putting in practice fast-path GDPR data solutions that solve for data subject access rights and requests without long consulting engagements that yield results in weeks. Lasting change is possible, and affords a myriad of unintended benefits from increased intimacy with the people data in your organisation.Specifically, these briefings cover:
- How to get staff to care about personal data, using a carrot AND a stick approach
- Best practices from UK organizations that are out in front of this month’s deadline
- How to get executives, and peer department heads on board for smooth compliance
xDM, the Intelligent Data Hub from Semarchy is a great tool that can fast-track your path to responding to the data requirements for GDPR. While there is no "fix all", the combination of capabilities in the platform have empowered our clients to address the type of data needs related to Data Subject Rights quickly. Integration is still required; however, most of those clients have a meaningful solution that any Data Protection Officer or nontechnical staff can use in a matter of weeks.
In specific, these materials talk about addressing data subject access requests, and addressing:
- Right of Access
- Right of Portability
- Right to Erasure (aka "right to be forgotten")
- Right of Rectification
For more information, please download the slides:
- Why GDPR is both a Challenge and an Opportunity - Tech Republic
- GDPR Crosses the Pond - Big Data Quarterly
- Data Management in the Age of GDPR - IT Pro Portal
- Data quality goes big-time with GDPR - InfoWorld "Driven by Data" Column
- He Who Rules The Data, Rules The World: A Brief History Of Data Governance - Forbes
You can access the web briefing that coordinates with these slides on demand: