Almost eleven months from now, on May 25, 2018, the General Data Protection Regulation (GDPR) will come into effect in the European Union. Chances are you've already seen quite a bit of buzz surrounding GDPR and for good reason--it represents a significant change in how data will be handled around the world.
But if you're still getting up to speed, or you are one of the 50% of affected organisations worldwide who will be unprepared one year from now, most of the provisions and stipulations boil down to one simple thing: data governance. And by putting solid data governance practices in place, you'll be well on your way to compliance.
For companies in Big Data (or any data for that matter), one of the most daunting things about the GDPR is that organisations have already accumulated massive amounts of data and the regulations apply not just going forward, but retroactively as well. The path towards GDPR compliance for Big Data organisations begins by identifying the five critical challenges:
Accommodating Data Subject Requests
Determining where personal data is stored across multiple different (potentially siloed) data sources
When it comes to the GDPR, organizations will ultimately need to take stock of where all their data is stored and ensure that it is accessible, but only to those with a business need to access it. Data team leaders (and DPOs if they are required for your organization under the GDPR) should be able to easily understand and audit data sources, who has access to what, and what sources are being used for which projects.
Aligning everyone across the company (including IT, marketing, customer support, and data teams) on new policies and execution of any changes. The GDPR changes will certainly force any organization not currently fostering collaboration between teams to do so quickly. But it's not just a matter of increasing communication over email or company chat. There will need to be a certain amount of transparency surrounding data protection that allows a customer service team to field requests without having to ask the data team for an answer every time or the marketing team to understand what the GDPR restrictions are and not inadvertently violate them when completing a customer targeting project. Additionally, data teams working on new projects can communicate back to the legal team responsible for maintenance of the customer consent agreement and...