Enacting Data Subject Access Rights for GDPR with data services and data management

Description

GDPR is more than another regulation to be handled by your back office. As stated by the European Commission, “The primary objective of this new set of rules is to give citizens back control over of their personal data.” And surveys show that European citizens are eager to apply for those new fundamental rights, such as access to information, data portability, and the right to be forgotten. Will you be ready to deliver, or will you be forced to tell your customers that unfortunately, you are not yet ready to respect their rights?

Enacting the GDPR’s Data Subject Access Rights (DSAR) requires practical actions. There’s a mandate for an integrated data governance strategy to establish your data inventory, operationalize controls, foster accountability across teams and ensure compliance, and finally unleash personal data to your customers, employees, visitors, and prospects. Only a strong data governance program on top of a modern, collaborative data hub ensures that you have the policies, standards, and controls in place to enforce compliance.

Jean-Michel Franco outlines the practical steps to deploy governed data services that:

• Know your customers and employees with a data inventory
• Track and trace data using audit trails and data lineage
• Manage and propagate opt-in consent across customer-facing applications
• Reconcile and protect your sensitive data in a data hub with automated controls, data stewardship, and data masking
• Respect the rights for your data subjects with collaborative data management and portals