Data Lineage: The Key to Total GDPR Compliance

Print Friendly, PDF & Email

In this special guest feature, Rob Perry, Vice President of Product Marketing, ASG Technologies discusses how data lineage can help organizations ensure GDPR compliance. With the incredible amount of data organizations collect today, global companies are scrambling to take stock of their data and ensure they’re complying with the impending GDPR requirements. Rob has a broad background in product management and product marketing developed at a range of technology industry leaders including CSC, Inc, Siemens, Microsoft and Lotus Development. He’s been part of teams bringing major software products to market including SharePoint 2007, Lotus Notes and Lotus 1-2-3. In addition, Rob was an analyst covering the market for Internet information tools at Yankee Group. He has a BA in Economics from the University of Virginia and lives south of Boston where he sails in the summer and skis in the winter.

By now, most global organizations are aware that the General Data Protection Regulation (GDPR) is just around the corner, as well as the myriad implications it holds for their businesses. And while many have taken a deep dive into what’s living in data lakes to ensure compliance by the time the regulation goes into effect in May, several are overlooking a critical component of the GDPR: namely, the responsibility to ensure their partners are also compliant.

Companies today are constantly exchanging data, but rarely keeping track of what information has been shared and with whom. Whether it’s vendors accessing a company’s network (in 2016, the average corporate network was accessed by different 89 vendors every week) or employees emailing information to clients and partners, unrecorded data sharing puts organizations at risk of violating the GDPR and facing fines of up to four percent of their total annual revenue. So how can businesses ensure they are tracking with whom data is shared and working with compliant partners?

The answer is data lineage. Already in use by many organizations – specifically those in highly regulated industries like insurance and banking – data lineage allows organizations to trace the movement of data from its source to its point of use, providing visibility into all the ways it has changed from point to point. This knowledge increases confidence in the data enabling organizations to make business decisions faster, recognize the value of their data and – perhaps most importantly – maintain data-related regulatory compliance.

Without detailed data lineage, businesses cannot prove how data has moved throughout the organization or where it went once it left, which will be key come May 2018. For years, design documents have been the “good enough” solution, but they work on theory, not facts, which is unacceptable when there is a need to provide regulators and auditors with proof of how data is being used and by whom who it is being used. Once the GDPR goes into effect, if businesses can’t discover data sources, document and create a visual representation of data flow, and provide a single source of truth, they could face serious problems demonstrating compliance.

GDPR non-compliance can be the difference between being a $100 million dollar company and a $96 million dollar company which – though it may not seem like much – for many companies it can be the difference between breaking even and turning a profit. With data lineage, organizations have the tools and visibility they need to remain GDPR compliant, which may mean restricting the network access of outside vendors to only those that absolutely need it, updating external data-sharing policies, or simply reaching out to vendors, partners and customers to confirm that they are preparing for and will be compliant with the GDPR (and requiring them to do so if they haven’t).

Now is the time to implement a sound data lineage policy. Make sure you’re ready for May.


Sign up for the free insideBIGDATA newsletter.

Speak Your Mind