Managing enterprise information has always been a good idea, however with the potential for looming penalties from the General Data Protection Regulation (GDPR) non-compliance, companies are waking up and some organizations are even seeing GDPR as an opportunity to establish strengthened relationships with their customers.
Wherever we are in the world, every organization needs to tune into how people’s personal information is being used, thanks to this new and powerful piece of legislation on data privacy. Here’s why — even if you’re only using details about European data subjects to sharpen your target market and not directly make money from them, the GDPR could potentially cost you up to 4% of your total annual worldwide turnover or 20 million Euros (whichever is greater) per incident.
That’s how the GDPR will get the attention of every organization, ensuring their commitment in protecting the personal data rights of every data subject. We’re already in the transition period, so you have no time to lose. The compliance deadline is May 25, 2018.
Identify and classify personal data with Industry Models
The GPDR safeguards the rights of the individual, putting them in charge of the way in which their own personal information — such as their name, address, blood type — can be used for specific processing activities. As the compliance deadline of May 2018 looms, acceleration is key. IBM offers comprehensive solutions, services and expertise to help support your journey to GDPR readiness. And we think the best place to start your efforts is through IBM Industry Models.
Let’s start with the basics — what is meant by personal data, and how can organizations list out the ways in which it is or is not okay for them to use that data? Organizations can tailor out-of-the-box processing activity types to help them standardize how consent is sought from people across all touchpoints within the organization.
Industry Models also help identify the rights of data subjects, such as the right to erasure and right to data portability, tracking response time regarding mandatory time limits. This helps organizations to engage consistently and responsibly with their data subjects, data controllers and processors — all while maintaining a foundation for data discovery and further analysis.
Gaining control of your data
So, with the help of IBM, you can provide a comprehensive view of each person — be they a customer or employee — supporting individual access, control or rectification of their personal data as required by the regulation.
This is an opportunity to get your house in order. Building on Industry Models can give you a strong accelerated foundation for future data-driven value creation — building on better managed information to identify new opportunities for new products, to understand a more fully filled out picture of risk and to accelerate digital strategies.
IBM Industry Models for GDPR are available for the banking and financial markets, as well as the insurance, energy and utilities industries. Working with many organizations already, IBM has seen clients struggle to classify what personal data means, and how to find that data in existing systems. IBM Industry Models can help you address such challenges for the GDPR.
Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations.
The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.