Presented By O'Reilly and Cloudera
Make Data Work
Dec 4–5, 2017: Training
Dec 5–7, 2017: Tutorials & Conference

GDPR: Getting your data ready for heavy, new EU privacy regulations

Mark Donsky (Okera), Steven Ross (Cloudera)
5:05pm5:45pm Wednesday, December 6, 2017

Who is this presentation for?

  • DBAs, sysadmins, vice presidents of data management, CIOs, analytics leads, and anyone doing business in Europe

What you'll learn

  • Understand the breadth and impact of the General Data Protection Regulation, as well as the strategies to simplify compliance


The General Data Protection Regulation (GDPR) will go into effect on May 25, 2018, for all organizations that offer services to EU residents, as well as anyone who controls or processes data within the EU. Unlike familiar regulations that deal with financial and security matters, GDPR deals specifically with broad data privacy and grants individuals in the EU the following rights:

  • The right to personal data protection, ensuring that personal data is handled with industry-standard data security controls and best practices, including data protection by design and cross-border data transfer prevention
  • The right to data portability so that individuals can choose to take their data elsewhere
  • The right to be forgotten and to erasure so that individuals can request deletion
  • The right to notification of personal data breach, ensuring that any data breach is communicated to both authorities and users

Within companies, GDPR compliance is an enterprise-wide business problem requiring a massive cross-departmental effort that touches upon oversight, technology, processes, and people. With fines for violations that could be as high as €20 million or 4% of global annual revenue, now is the time to ensure your data environment is flexible enough to meet the needs of current and future regulatory regimes. While simple and straightforward from a political perspective, the data center implications of this legislation are complex. Steven Ross and Mark Donsky outline the capabilities your data environment needs to simplify compliance with GDPR and future regulations.

Topics include:

  • Metadata classification on ingest
  • Integration with speciality tools that can profile and tag datasets
  • Column-level lineage to view how impacted data is used
  • Fine-grained data authorization so only users who need data access have data access
  • Comprehensive encryption at rest and in motion, with separation of duties so admins can’t access user data
  • Data organization and anonymization, minimizing the locations of personal data
  • Data erasure strategies for compliance with the right to be forgotten
Photo of Mark Donsky

Mark Donsky


Mark Donsky leads product management at Okera, a software provider that provides discovery, access control, and governance at scale for today’s modern heterogeneous data environments. Previously, Mark led data management and governance solutions at Cloudera. Mark has held product management roles at companies such as Wily Technology, where he managed the flagship application performance management solution, and Silver Spring Networks, where he managed big data analytics solutions that reduced greenhouse gas emissions by millions of dollars annually. He holds a BS with honors in computer science from the University of Western Ontario.

Photo of Steven Ross

Steven Ross


Steve Ross is the director of product management at Cloudera, where he focuses on security across the big data ecosystem, balancing the interests of citizens, data scientists, and IT teams working to get the most out of their data while preserving privacy and complying with the demands of information security and regulations. Previously, at RSA Security and Voltage Security, Steve managed product portfolios now in use by the largest global companies and hundreds of millions of users.