As IT organizations begin to contemplate the breadth and scope of a General Data Protection Regulation (GDPR) that the European Union (EU) is scheduled to implement on May 25th, 2018, the biggest issue many of them will face is simply determining which data they have is affected by the rule.
To help IT organizations sort that issue out, Informatica is making available an instance of its data governance platform that is optimized for complying with GDPR. Amit Walia, chief product officer and executive vice president of Informatica, says Informatica Data Governance & Compliance for GDPR applies the metadata analytics and machine learning algorithms that Informatica has embedded in a CLAIRE engine specifically to determining what data sets need to be brought into GDPR compliance.
“No one in most organizations knows what is in GDPR scope,” says Walia.
Informatica Data Governance & Compliance for GDPR consists of three modules. Informatica Secure@Source determines what data an organization possesses that falls within the scope of GDPR. An Informatica Axon module then identifies who in the organization owns that data. Finally, an Informatica Enterprise Information Catalog employs machine learning algorithms and scans all GDPR relevant data to make it simpler to manage ongoing GDPR initiatives.
On the face of it, GDPR is an exercise in securing personally identifiable information (PII). In fact, GDPR requires any organization that conducts any kind of business with a citizen of the EU to fundamentally change the way they manage data, including designating someone inside the organization to assume the role and responsibility for being the chief data officer. Fines for failing to comply potentially range from up to 20 million Euros to 4 percent of revenue, depending on which amount is greater.
Most organizations are still in the early stages of comprehending the implications of GDPR. But the more IT organizations investigate GDPR, the more they will find that proving, for example, that they can “forget” ever doing business with someone is an IT issue that will span the entire organization. Given the fact that GDRP is scheduled to go into effect in less than 322 days, it’s very likely that sometime after this summer, many IT organizations are about to also discover just how much of their time will be taken up achieving GDPR compliance between now and next May.