Preparing for GDPR
The General Data Protection Regulation (GDPR) is a European Union regulation that took effect on May 28, 2018. It applies to all businesses headquartered in the EU, as well as those outside of the region if they offer goods or services to, or monitor the behavior of, people living in EU countries.
Failure to comply with GDPR can expose your organization to a penalty of up to 4% of global revenue. Preparing for GDPR, and making sure your data architecture is compliant with the regulation, is of utmost importance.
Preparing for GDPR’s privacy guidelines
When preparing for GDPR, it’s important to keep in mind the privacy guidelines it outlines:
- The Customer has the right to be forgotten.
- The Customer has the right to data portability across service providers.
- The Customer has the right to accountability and redress.
- The Customer has the right to request proof that they opted in.
- The Customer is entitled to rectification of errors.
- The Customer has the right of explanation for automated decision-making that relates to their profile.
It’s also important to remember that preparing for GDPR isn’t just for the marketing department; all lines of business must comply with GDPR, so a holistic approach to data governance and data privacy is required in order to satisfy GDPR requirements.
Preparing your organization to comply with GDPR in 2018 and beyond
It’s easy to be complacent about how well your organization has prepared for GDPR. But one of the most important aspects of GDPR preparation is identifying the blind spots in your organization’s GDPR compliance model. And, much like the blind spot in different car models, it differs for every organization.
When looking for your company’s GDPR blind spot you need to ask yourself a few questions:
- How do you measure your organization’s GDPR readiness and define the milestones to address the identified gaps?
- How does your organization know with certainty what data they have, where it is, and who is accessing it?
- How can your organization calculate their data compliance ratio with accuracy if the data is not validated against specific, relevant, GDPR principles?
- What about the future? Is there a sustainable plan for ongoing regulatory compliance after May 2018?
Talend can help your organization prepare for GDPR
Whether you are far along on your path to better data-driven decision making, or just beginning your journey, preparing for GDPR is a given, particularly as the sources, volume, and types of data continue to grow. Talend has provided numerous resources on how to prepare for GDPR.
5 Pillars for GDPR Compliance
In response to the popularity of our 5 Pillars for GDPR Compliance on-demand webinar, we have expanded the video into separate articles as well:
- Pillar 1: Data Classification and Lineage
- Pillar 2: Data Capture and Integration
- Pillar 3: Anonymize and Pseudonymize for Data Protection with Data Masking
- Pillar 4: Self-Service Curation and Certification
- Pillar 5: Data Access and Portability
Additional GDPR Resources
- Data Governance and Sovereignty: 16 Practical Steps towards Global Data Privacy Compliance
- GDPR: A quick way to reduce scope
- Getting Personal with Customers through GDPR
- GDPR Best Practice: Using a Data Hub to Protect Personal Data
- Practical Steps to GDPR Compliance
Additionally, don't miss these articles and blog posts on GDPR preparation:
- The Six Biggest GDPR Pitfalls Everyone Must Avoid
- An Introduction to the Global Data Protection Regulations (GDPR)
- Danger Zone: How Big is Your GDPR Blind Spot?
- How GDPR will change the relationship between organizations and cloud service providers
- The Internet of Things and the Threat it Poses to GDPR Compliance
- Digital Transformation and GDPR: How Self-Service Data in the Cloud Can Help
Preparing for GDPR is forcing every enterprise to think carefully about its data governance, data privacy, and data architecture initiatives. Don’t be left behind. Check out the resources that Talend has prepared to help get you ready for enterprise data practices today, tomorrow, and in the future.
And if you need more tangible solutions, see how Talend's GDPR solutions can help get your organization ready.