GDPR compliance: We need to comply but where to begin?

Florian Douetteau co-founder and CEO of Dataiku

When it comes to the EU General Data Protection Regulation (GDPR), businesses know they need to comply, but aren’t sure where to begin (or don’t think it’s time to start yet).

The GDPR will be officially enforced beginning on May 25, 2018, and while it’s still over a year away, now is the time to get started. Not only should systems and processes to support GDPR changes ideally be in place well before this deadline, but regulations aside, it’s good practice to put data governance measures in place as soon as possible if they don’t already exist, says Florian Douetteau is co-founder and CEO of Dataiku.

The big picture

Taking a quick step back for those who haven’t been paying attention to the latest on GDPR, some of the most important components, put very briefly, are:

    • Application: The GDPR applies to any company (regardless of their location, size, and sector) processing the personal data of people residing in the EU. This means even businesses in the United Kingdom dealing with the uncertainty of Brexit will likely have to comply anyway if they have customers in the EU. And even for businesses strictly limited to the UK, note that the UK government has indicated it will implement an equivalent or alternative legal mechanisms that will be largely similar to GDPR.
    • Responsibility: Under GDPR, both data controllers and processors must comply with the legislation.
    • Data subjects’ rights: EU data subjects will have expanded rights when it comes to data protection, including the right to be forgotten, to access data about them, and to question decisions made purely on an algorithmic basis.
    • Internal record-keeping requirements: Depending on the nature of the organisation, this may also include the appointment of a specific Data Protection Officer (DPO).

Key challenges and resolutions

The GDPR brings about several major challenges that businesses will need to address before the enforcement deadline.

The most daunting of these challenges surround data governance, organisational structure, and cross-team collaboration, including:

  1. Determining where personal data is stored across potentially multiple different siloed data sources. This can be addressed by centralising access to all data (no matter where it’s stored) to one location. There are plenty of tools out there that can easily provide this type of governance and connect to multiple data sources, centralising access to all data (including personal and sensitive data) for the entire organisation.
  2. Aligning everyone across the company (including IT, marketing, customer support, and data teams) on new policies and execution of any changes. Data science platforms can also help facilitate the alignment of teams around a common goal of compliance. When everyone is working with data in the same space, team leaders can keep an eye out, and any violations can immediately be raised and resolved before they expose the company to liability.
  3. Putting processes in place to accommodate requests from data subjects and ensuring all teams can execute on processes in a timely matter. Instituting a central environment where customer teams can self-serve and provide the information for the customer without having to ask the data team will likely be the most efficient method. Logged access so that it’s very clear who fulfilled these requests and when should questions (or an audit) arise is a key consideration for the central environment being used. Robust data science platforms allow the flexibility of using black box or interpretable models depending on the use case, and for the latter, any requests for justification of decisions decided by an algorithm will be simple to field.
  4. Ensuring proper data governance, security, and monitoring are in place in case of audit. If you’ve addressed the previous challenges, you’ve already gotten started: by centralising all data work into one place, data governance and potential audits are easy. Security can be tightly controlled via a data science platform, eliminating the risk of rogue personal data floating around on employees’ laptops on local spreadsheets.

What are you waiting for?

These challenges only scratch the surface when it comes to the changes your organisation might need to make in order to comply with the new GDPR. But centralising and standardising data practices by choosing a data science platform that addresses many components of the regulations in one fell swoop is a great place to start.

And getting started in GDPR compliance doesn’t have to be just something to check off your list – take advantage of the opportunity to streamline your big data strategy and not only meet regulatory requirements, but empower teams across the organisation working with data to become more efficient and scalable.

The author of this blog is Florian Douetteau is co-founder and CEO of Dataiku

About the author:

Florian Douetteau is co-founder and CEO of Dataiku, the maker of the all-in-one data science software platform Dataiku Data Science Studio (DSS), a unique advanced analytics software solution that enables companies to build and deliver their own data products more efficiently.

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

RECENT ARTICLES
Abstract technology secure background

SandboxAQ’s AQtive Guard deployed by SoftBank for cryptographic security

Posted on: April 16, 2024

SandboxAQ have announced the deployment of its AQtive Guard cryptography management platform by the Advanced Research Group of SoftBank. This followed testing of AQtive Guard’s abilities to discover cryptographic and certificate-based vulnerabilities to AI-based and quantum computer-based cyber attacks against IT systems, including networks, end-points and applications.

Read more
futuristic hand working laptop

VOZIQ AI sets AI retention strategy for Hawx

Posted on: April 15, 2024

VOZIQ AI recently concluded the executive review meeting with Hawx’s leadership team, where VOZIQ AI’s chief data scientist, Vasudeva Akula, rolled out a 365-day roadmap for proactive customer experience management, proactive renewals and loyalty management, using AI driven insights for each customer.

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more