Executive Briefing: Big data in the era of heavy worldwide privacy regulations

Description

General Data Protection Regulation (GDPR) went into place on May 25, 2018 for all organizations – both EU and non-EU – that offer services to EU residents, as well as anyone who controls or processes data within the EU.

The State of California is following suit with its California Consumer Protection Act (CCPA), targeted to be in enforced in 2020. Although similar to GDPR, CCPA impacts a different set of organizations with different privacy requirements.

GDPR and CCPA compliance is an enterprise-wide business problem requiring a massive cross-departmental effort that touches upon oversight, technology, processes, and people. With fines for violations, now is the time to ensure your data environment is flexible enough to be meet the needs of current and future regulatory regimes.

While simple and straight-forward from a political perspective, the datacenter implications of this legislation are complex. This session will cover overview of CCPA and GDPR, including what it would likely take to be compliant, including:

• Metadata classification on ingest
• Integration with speciality tools that can profile and tag data sets
• Column-level lineage to view how impacted data is used
• Fine-grained data authorization so only users that need data access have data access
• Comprehensive encryption at-rest and in-motion, with separation of duties so admins can’t access user data
• Data organization and anonymization minimizing the locations of personal data
• Data erasure strategies for compliance with the right to be forgotten