SlideShare une entreprise Scribd logo

DAMA Ireland - GDPR

DAMA Ireland
DAMA Ireland

The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance. Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)

Données & analyses
1  sur  44
Télécharger pour lire hors ligne
Everything is about to change…
GDPR becomes enforceable
One ring to rule them all*… *With up to 50 areas of local variation in 28 Member States
PenaltiesPenalties • Failure to implement appropriate security measures • Failure to implement Data Protection by Design/by Default • Failure to ensure governance of data processors • Failure to conduct a PIA where required • Failure to maintain records of processing activities • Failure to have processes to support Data Subject rights • Breach of core Data Protection principles • Failure to ensure lawful basis for processing • Failure to meet conditions for consent • Failure to respect/comply with rights of data subject • Failure to ensure data transfers on valid basis • Failure to comply with order of the DPC Administration & Governance Offences Fundamental Rights & Duties Offences 2% of Global Turnover (or €10,000,000) [which ever is greater] 4% of Global Turnover (or €20,000,000) [which ever is greater]
LiabilityLiability  Civil liability for both material damage and immaterial damage  Data Protection breaches can get you sued!  An evolution of existing rights
The Problem with how most organisations do Data PrivacyThe Problem with how most organisations do Data Privacy
The Need for Holistic ThinkingThe Need for Holistic Thinking  Need to consider the entire environment Information Environment Ethical Environment  Legal can’t fix broken process designs Bad Tyre Swing Design
The Global Legislative TrendThe Global Legislative Trend 7 17 36 68 110 1970s 1980s 1990s 2000s 2010-2016 Total Global Data Privacy Law Within this, there is also continued evolution of existing Data Privacy laws (e.g. EU Data Protection Regulation)
castlebridge associates |www.castlebridge.ie | www.dataprotectionofficer.ie Castlebridge changing how people think about information The GDPR and DMBOKThe GDPR and DMBOK
GDPR SummarisedGDPR Summarised Regulatory “One Stop Shop” Core Principles Increased Penalties Risk based approach to Data Protection Explicit Focus on Governance Principles Driven Principles Driven Stricter Consent (where consent only basis) Enhanced Rights: Data Portability; RTBF; Risk & Penalty Mitigation Documentation Data Protection Officer Evidence of Effectiveness Risk & Penalty Mitigation Enforcement against Data Processors Extra territoriality Fines as % of Global Turnover Mitigating Factors 1. Lawfulness, fairness, transparency 2. Purpose Limitation 3. Data Minimisation 4. Accuracy 5. Storage Limitation 6. Integrity & Confidentiality 7. Accountability + Article 1, 7, and 8 ECHR Privacy by Design/Default
The GDPR Principles – An evolution…The GDPR Principles – An evolution… Fair Obtaining Purpose Specification Purpose Limitation Security Accuracy Adequate / Relevant Retention Data Subject Rights Lawfulness, fairness, transparency Purpose Limitation Data Minimisation Accuracy Storage Limitation Integrity & Confidentiality Accountability
The Accountability PrincipleThe Accountability Principle  “The Controller shall be responsible for, and be able to demonstrate compliance with…” Article 5(2) General Data Protection Regulation  “The Controller shall be responsible for, and be able to demonstrate compliance with…” Article 5(2) General Data Protection Regulation Creates a positive duty to actively monitor and govern the management of personal data “Shelf-ware” policies and reactive responses to issues do not demonstrate compliance
One key change: Some new definitionsOne key change: Some new definitions Personal Data: any information relating to an identified or identifiable natural person who can be identified either directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity of that person Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organising, structuring, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; Definition of processing is slightly broader in terms of the things that might constitute personal data… HOARDS still valid as a way of remembering what Processing is…
One key change: Some new definitionsOne key change: Some new definitions Profiling: any form of automated processing consisting of using data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements Personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed A broad category of activity – “automated processing” now clearly defined Current Irish DPC Code of Practice includes “risk of breach”
A clearly defined test for “Compatible Purpose”A clearly defined test for “Compatible Purpose”  Is there a link between the purposes?  What was the context of collection, in particular relationship between Controller & Data Subjects  What is the data?  What are the risks/possible consequences to the data subject?  What safeguards are being put in place to protect fundamental rights?
New Duties: Privacy By Design/DefaultNew Duties: Privacy By Design/Default  Privacy is the default setting for processes.  Must ensure appropriate controls are in place in design and development  Must ensure appropriate tech and organisational measures are in place to minimise access to data for particular purposes  Privacy is the default setting for processes.  Must ensure appropriate controls are in place in design and development  Must ensure appropriate tech and organisational measures are in place to minimise access to data for particular purposes
New(ish) Duty: Data Security BreachNew(ish) Duty: Data Security Breach  Largely as per current DPC Code of Practice  Must notify DPC “without undue delay” or within 72 hours, unless breach is unlikely to result in risk to individuals rights/freedoms  Any delay over 72 hours will require a reasoned justification  Communication to Data Subject required if there is a high risk to rights and freedoms.  Not required if data is unintelligible (e.g. encrypted)  Not required if controller has taken steps to eliminate risk of impact to rights/freedoms  Not required if a disproportionate effort  DPC has final say.
New Role: The Data Protection OfficerNew Role: The Data Protection Officer  Not mandatory in all cases, but recommended  Will be mandatory for public authorities or organisations that engage in systematic monitoring on a large scale or process sensitive personal data on a large scale  Member States may set their own rules locally  DPO must have “expert knowledge of data protection law and practices and an ability to fulfil tasks” of the DPO.  May be a member of staff or may be a contractor  Contact details should be published and communicate to the DPC.
New Role: The Data Protection OfficerNew Role: The Data Protection Officer  A public facing role (can be contacted by Data Subjects)  Must be involved in a “timely manner” in all issues relating to processing of personal data  E.g. system design and specification  Must be supported by Data Controller in execution of tasks and maintaining knowledge.  Must be able to act independently in relation to Data Protection tasks (  Should report to the most senior executive level  Role is to  Inform and advise  Monitor compliance with externa legislation and internal policies and procedures, including training  Supporting Privacy Impact Assessments  Acting as contact point for DPC  Cannot be dismissed or penalised for performing Data Protection tasks
A Focus on Governance & ControlsA Focus on Governance & Controls Article 23: Privacy by Design & Default Article 33: Data Protection Impact Assessment Article 28: Documentation Article 35: Data Protection Officer Article 37: Tasks of DPO Article 33(8): Data Protection Compliance Review Article 37: Tasks of DPO
Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
Data Governance Data Protection Data Quality TRUST The Anatomy of the StoolThe Anatomy of the Stool Internal Uses (e.g. Analytics) Customer “value” perception External Uses (e.g. Open Data)
Data Privacy: PrinciplesData Privacy: Principles GDPR Data Governance Data Quality Lawfulness, fairness, and transparency Purpose Limitation Data Minimisation Accuracy Storage Limitation Integrity and Confidentiality Accountability Data Subject Rights
Relevant Dimensions of Information QualityRelevant Dimensions of Information Quality Information Quality Dimension 95/46/EC ePrivacy Regs EUDATAP Accuracy X X X Completeness X X X Timeliness X X X Consistency X X Conformity X X Relevance/Not Excessive X X Adequacy (for purpose) X X Duplication X X Quality of Data Definition (business & tech) X X Information Product Specification X X X
Defining Information Quality & Information Quality Management Defining Information Quality & Information Quality Management
Overview of an IQM FrameworkOverview of an IQM Framework The Ten Steps™ Process © Danette McGilvray
Based on 9-box model developed by Abcouwer, A.W., Maes, R. Truijens, J, Amsterdam Univeristy (1997-2003)
Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
What is Data Governance in DMBOK?What is Data Governance in DMBOK? Definition: The exercise of authority and control (planning, monitoring, and enforcement) over the management of data assets.. Goals: • To define, approve, and communicate data strategies, policies, standards, architecture, procedures, and metrics. • To track and enforce regulatory compliance and conformance to data policies, standards, architecture, and procedures. • To sponsor, track, and oversee the delivery of data management projects and services. • To manage and resolve data related issues. • To understand and promote the value of data assets. Activities: 1. Data Management Planning • Understand Strategic Enterprise Data Needs • Develop and Maintain the Data Strategy • Establish Data Professional Roles and Organizations • Identify and Appoint Data Stewards • Establish Data Governance and Stewardship Organizations • Develop and Approve Data Policies, Standards, and Procedures • Review and Approve Data Architecture • Plan and Sponsor Data Management Projects and Services • Estimate Data Asset Value and Associated Costs 2. Data Management Control • Supervise Data Professional Organizations and Staff • Coordinate Data Governance Activities • Manage and Resolve Data Related Issues • Monitor and Ensure Regulatory Compliance • Monitor and Enforce Conformance With Data Policies, Standards, and Architecture • Oversee Data Management Projects and Services • Communicate and Promote the Value of Data Assets Inputs Outputs Inputs: • Business Goals • Business Strategies • IT Objectives • IT Strategies • Data Needs • Data Issues • Regulatory Requirements Primary Deliverables: • Data Policies • Data Standards • Resolved Issues • Data Management Projects and Services • Quality Data and Information • Recognized Data Value
Data Privacy: Data GovernanceData Privacy: Data Governance Principle Governance Quality Personal data which is being processed must be fairly obtained and processed X Personal Data shall be obtained for a Specified and Lawful Purpose X Personal Data shall not be processed in a manner incompatible with the specified purpose X Personal Data shall be kept accurate and complete and, where necessary, kept up to date X Personal Data should be kept Safe & Secure X Data processed must be adequate, relevant and not excessive X X Personal data should not be kept for longer than necessary for the specified purpose or purposes X X Data Subjects have a right of Access. X
Understanding Information/Data StewardshipUnderstanding Information/Data Stewardship Information Stewardship is: An ethic that embodies responsible planning and management of Information Resources through… The acceptance or assignment of responsibility to shepherd and safeguard the Information Assets of others, both inside the organisation and beyond
A Holistic Framework?A Holistic Framework? Based on 9-box model developed by Abcouwer, A.W., Maes, R. Truijens, J, Amsterdam Univeristy (1997-2003) Data Protection Officer Documentation & Controls Evidence of Effective Operation Privacy Expectation met or exceeded!
Different Types of Data StewardDifferent Types of Data Steward Strategic Operational Tactical Doers Definers Deciders Co-ordinators           The D3C Model™ © 2013 Castlebridge Associates
The Data Protection/Privacy Officer RoleThe Data Protection/Privacy Officer Role • Reporting to Executive Board • Must be Independent • Technical and Business skills • Accountable for the System of Governance • “Statutory Tenure” • Relationship to CDO, CPO, CIO etc.
A Data Stewardship Mind Map – Standards?A Data Stewardship Mind Map – Standards? Governance & Stewardship Data Use Steward (Doer/Definer) UX Requirements Privacy Reporting Screens & Reports Quality Screen & Reports Content Design & Aesthetics Data Governance Reqts (Co-ordinator) Data Standards Compliance Use of Metadata Documentation Metric Driven Quality Assurance Data Management Structure Data Collection Steward (Doer/Definer) Data Classification (PII, Sensitive) Encryption Business Content Rules Privacy Rules Privacy Reqts Steward (Decider/Definer) Purpose Notice Consent Transfer (3rd Party) Access/Correction/Deletion Proportionality Retention Responsible Action Based on M. Dennedy & Tom Finneran
Castlebridge changing how people think about information Data Privacy & Data QualityData Privacy & Data Quality
Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
What is Data Quality in DMBOK?What is Data Quality in DMBOK? Definition: Planning, implementation, and control activities that apply quality management techniques to measure, assess, improve, and ensure the fitness of data for use.. Goals: • To measurably improve the quality of data in relation to defined business expectations. • To define requirements and specifications for integrating data quality control into the system development lifecycle. • To provide defined processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities: 1. Develop and Promote Data Quality Awareness 2. Define Data Quality Requirements 3. Profile, Analyze, and Assess Data Quality 4. Define Data Quality Metrics 5. Define Data Quality Business Rules 6. Test and Validate Data Quality Requirements 7. Set and Evaluate Data Quality Service Levels 8. Continuously Measure and Monitor Data Quality 9. Manage Data Quality Issues 10. Clean and Correct Data Quality Defects 11. Design and Implement Operational DQM Procedures 12. Monitor Operational DQM Procedures and Performance Inputs Outputs Inputs: • Business Requirements • Data Requirements • Data Quality Expectations • Data Policies and Standards • Business Metadata • Technical Metadata • Data Sources and Data Stores Primary Deliverables: • Improved Quality Data • Data Management • Operational Analysis • Data Profiles • Data Quality Certification Reports • Data Quality Service Level • Agreements Metrics: • Data Value Statistics • Errors / Requirement Violations • Conformance to Expectations • Conformance to Service Levels Tools: • Data Profiling Tools • Statistical Analysis Tools • Data Cleansing Tools • • Data Integration Tools • Issue and Event Management Tools
Data Protection: Quality PrinciplesData Protection: Quality Principles Principle Governance Quality Personal data which is being processed must be fairly obtained and processed X Personal Data shall be obtained for a Specified and Lawful Purpose X Personal Data shall not be processed in a manner incompatible with the specified purpose X Personal Data shall be kept accurate and complete and, where necessary, kept up to date X Personal Data should be kept Safe & Secure X Data processed must be adequate, relevant and not excessive X X Personal data should not be kept for longer than necessary for the specified purpose or purposes X X Data Subjects have a right of Access. X
Relevant Dimensions of Information QualityRelevant Dimensions of Information Quality Information Quality Dimension 95/46/EC ePrivacy Regs EUDATAP Accuracy X X X Completeness X X X Timeliness X X X Consistency X X Conformity X X Relevance/Not Excessive X X Adequacy (for purpose) X X Duplication X X Quality of Data Definition (business & tech) X X Information Product Specification X X X
Case Study: Online customer registration process, UK bankCase Study: Online customer registration process, UK bank Register for SMS alert Display proposed number Update Contact Details Select Preferred Contact Number Send SMS Updates ***9901 (no option for 2nd number) Message
Case StudyCase Study Issues: *****9901 was a number that hasn’t been used for >5 years by that account holder. Mobile phone numbers are recycled – usually 12- 18 months after termination of contract SMS containing bank details of this customer potentially being sent to a 3rd party Customer complained to UK Data Privacy Regulator Customer knows a bit about data modelling
What is Data Quality in DMBOK?What is Data Quality in DMBOK? Definition: Planning, implementation, and control activities that apply quality management techniques to measure, assess, improve, and ensure the fitness of data for use.. Goals: • To measurably improve the quality of data in relation to defined business expectations. • To define requirements and specifications for integrating data quality control into the system development lifecycle. • To provide defined processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities: 1. Develop and Promote Data Quality Awareness 2. Define Data Quality Requirements 3. Profile, Analyze, and Assess Data Quality 4. Define Data Quality Metrics 5. Define Data Quality Business Rules 6. Test and Validate Data Quality Requirements 7. Set and Evaluate Data Quality Service Levels 8. Continuously Measure and Monitor Data Quality 9. Manage Data Quality Issues 10. Clean and Correct Data Quality Defects 11. Design and Implement Operational DQM Procedures 12. Monitor Operational DQM Procedures and Performance Inputs Outputs Inputs: • Business Requirements • Data Requirements • Data Quality Expectations • Data Policies and Standards • Business Metadata • Technical Metadata • Data Sources and Data Stores Primary Deliverables: • Improved Quality Data • Data Management • Operational Analysis • Data Profiles • Data Quality Certification Reports • Data Quality Service Level • Agreements Metrics: • Data Value Statistics • Errors / Requirement Violations • Conformance to Expectations • Conformance to Service Levels Tools: • Data Profiling Tools • Statistical Analysis Tools • Data Cleansing Tools • Data Integration Tools • Issue and Event Management Tools Legal requirements Ethical Requirements “The Creepy Line”
A Data Privacy KPI?A Data Privacy KPI?  EU E-Marketing rules require data to be used within 12 months from consent having been obtained or consent is nullified.  Client organisation had no assessment of how much trust they could place in their marketing data  Was facing prosecutions for breaches of rules  Developed a Dashboard  Associated a financial “Business Impact” KPI  Senior Executive were shocked at impact of not managing their customer data… 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 12 months or over 10 -12 Months 6-9 months 3-6 months 0-3 months Marketing Months since last contact ePrivacy Directive Consent Tracker Average revenue uplift of €10/ Month per campaign, 10% success rate, 1.2 million customers Opportunity Lost: €1,440,000 Value at Risk: €4,320,000

Recommandé

DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?
DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?
DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?DATAVERSITY
 
Capability Model_Data Governance
Capability Model_Data GovernanceCapability Model_Data Governance
Capability Model_Data GovernanceSteve Novak
 
Adopting a Process-Driven Approach to Master Data Management
Adopting a Process-Driven Approach to Master Data ManagementAdopting a Process-Driven Approach to Master Data Management
Adopting a Process-Driven Approach to Master Data ManagementSoftware AG
 
Modern Metadata Strategies
Modern Metadata StrategiesModern Metadata Strategies
Modern Metadata StrategiesDATAVERSITY
 
Activate Data Governance Using the Data Catalog
Activate Data Governance Using the Data CatalogActivate Data Governance Using the Data Catalog
Activate Data Governance Using the Data CatalogDATAVERSITY
 
Data Governance Best Practices
Data Governance Best PracticesData Governance Best Practices
Data Governance Best PracticesDATAVERSITY
 
Introduction to Data Governance
Introduction to Data GovernanceIntroduction to Data Governance
Introduction to Data GovernanceJohn Bao Vuu
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityDATAVERSITY
 

Recommandé

DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?
DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?
DAS Webinar: Emerging Trends in Data Architecture – What’s the Next Big Thing?DATAVERSITY
 
Capability Model_Data Governance
Capability Model_Data GovernanceCapability Model_Data Governance
Capability Model_Data GovernanceSteve Novak
 
Adopting a Process-Driven Approach to Master Data Management
Adopting a Process-Driven Approach to Master Data ManagementAdopting a Process-Driven Approach to Master Data Management
Adopting a Process-Driven Approach to Master Data ManagementSoftware AG
 
Modern Metadata Strategies
Modern Metadata StrategiesModern Metadata Strategies
Modern Metadata StrategiesDATAVERSITY
 
Activate Data Governance Using the Data Catalog
Activate Data Governance Using the Data CatalogActivate Data Governance Using the Data Catalog
Activate Data Governance Using the Data CatalogDATAVERSITY
 
Data Governance Best Practices
Data Governance Best PracticesData Governance Best Practices
Data Governance Best PracticesDATAVERSITY
 
Introduction to Data Governance
Introduction to Data GovernanceIntroduction to Data Governance
Introduction to Data GovernanceJohn Bao Vuu
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityDATAVERSITY
 
Reference master data management
Reference master data managementReference master data management
Reference master data managementDr. Hamdan Al-Sabri
 
DAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata ManagementDAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata ManagementDATAVERSITY
 
Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)DATAVERSITY
 
Data-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data QualityData-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data QualityDATAVERSITY
 
The Importance of Metadata
The Importance of MetadataThe Importance of Metadata
The Importance of MetadataDATAVERSITY
 
Enterprise Data Architect Job Description
Enterprise Data Architect Job DescriptionEnterprise Data Architect Job Description
Enterprise Data Architect Job DescriptionLars E Martinsson
 
Enterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial InstitutionsEnterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial InstitutionsSheldon McCarthy
 
Requirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - PresentationRequirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - PresentationVicki McCracken
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)DATAVERSITY
 
8 Steps to Creating a Data Strategy
8 Steps to Creating a Data Strategy8 Steps to Creating a Data Strategy
8 Steps to Creating a Data StrategySilicon Valley Data Science
 
Data Governance vs. Information Governance
Data Governance vs. Information GovernanceData Governance vs. Information Governance
Data Governance vs. Information GovernanceDATAVERSITY
 
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality ManagementAhmed Alorage
 
Infographic: Data Governance Best Practices
Infographic: Data Governance Best Practices Infographic: Data Governance Best Practices
Infographic: Data Governance Best Practices Enterprise Management Associates
 
Glossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data GovernanceGlossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data GovernanceDATAVERSITY
 
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...Christopher Bradley
 
Ebook - The Guide to Master Data Management
Ebook - The Guide to Master Data Management Ebook - The Guide to Master Data Management
Ebook - The Guide to Master Data Management Hazelknight Media & Entertainment Pvt Ltd
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...Christopher Bradley
 
Data Quality Best Practices
Data Quality Best PracticesData Quality Best Practices
Data Quality Best PracticesDATAVERSITY
 
What is CT- DPO.pdf
What is CT- DPO.pdfWhat is CT- DPO.pdf
What is CT- DPO.pdftsaaroacademy
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? SecurityScorecard
 

Contenu connexe

Tendances

Reference master data management
Reference master data managementReference master data management
Reference master data managementDr. Hamdan Al-Sabri
 
DAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata ManagementDAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata ManagementDATAVERSITY
 
Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)DATAVERSITY
 
Data-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data QualityData-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data QualityDATAVERSITY
 
The Importance of Metadata
The Importance of MetadataThe Importance of Metadata
The Importance of MetadataDATAVERSITY
 
Enterprise Data Architect Job Description
Enterprise Data Architect Job DescriptionEnterprise Data Architect Job Description
Enterprise Data Architect Job DescriptionLars E Martinsson
 
Enterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial InstitutionsEnterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial InstitutionsSheldon McCarthy
 
Requirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - PresentationRequirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - PresentationVicki McCracken
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)DATAVERSITY
 
Data Governance vs. Information Governance
Data Governance vs. Information GovernanceData Governance vs. Information Governance
Data Governance vs. Information GovernanceDATAVERSITY
 
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality ManagementAhmed Alorage
 
Glossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data GovernanceGlossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data GovernanceDATAVERSITY
 
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...Christopher Bradley
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...Christopher Bradley
 
Data Quality Best Practices
Data Quality Best PracticesData Quality Best Practices
Data Quality Best PracticesDATAVERSITY
 

Tendances (20)

Reference master data management
Reference master data managementReference master data management
Reference master data management
 
DAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata ManagementDAS Slides: Best Practices in Metadata Management
DAS Slides: Best Practices in Metadata Management
 
Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)Data-Ed Slides: Best Practices in Data Stewardship (Technical)
Data-Ed Slides: Best Practices in Data Stewardship (Technical)
 
Data-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data QualityData-Ed Online: Approaching Data Quality
Data-Ed Online: Approaching Data Quality
 
The Importance of Metadata
The Importance of MetadataThe Importance of Metadata
The Importance of Metadata
 
Enterprise Data Architect Job Description
Enterprise Data Architect Job DescriptionEnterprise Data Architect Job Description
Enterprise Data Architect Job Description
 
Enterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial InstitutionsEnterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial Institutions
 
Requirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - PresentationRequirements for a Master Data Management (MDM) Solution - Presentation
Requirements for a Master Data Management (MDM) Solution - Presentation
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)Implementing the Data Maturity Model (DMM)
Implementing the Data Maturity Model (DMM)
 
8 Steps to Creating a Data Strategy
8 Steps to Creating a Data Strategy8 Steps to Creating a Data Strategy
8 Steps to Creating a Data Strategy
 
Data Governance vs. Information Governance
Data Governance vs. Information GovernanceData Governance vs. Information Governance
Data Governance vs. Information Governance
 
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
‏‏‏‏‏‏‏‏‏‏Chapter 12: Data Quality Management
 
Infographic: Data Governance Best Practices
Infographic: Data Governance Best Practices Infographic: Data Governance Best Practices
Infographic: Data Governance Best Practices
 
Glossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data GovernanceGlossaries, Dictionaries, and Catalogs Result in Data Governance
Glossaries, Dictionaries, and Catalogs Result in Data Governance
 
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
 
Ebook - The Guide to Master Data Management
Ebook - The Guide to Master Data Management Ebook - The Guide to Master Data Management
Ebook - The Guide to Master Data Management
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...How to identify the correct Master Data subject areas & tooling for your MDM...
How to identify the correct Master Data subject areas & tooling for your MDM...
 
Data Quality Best Practices
Data Quality Best PracticesData Quality Best Practices
Data Quality Best Practices
 

Similaire à DAMA Ireland - GDPR

GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? SecurityScorecard
 
Why GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkWhy GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkPECB
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysQualsys Ltd
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
#HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance #HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance Dovetail Software
 
GDPR master class accountable research organisations (january 2018)
GDPR master class accountable research organisations (january 2018)GDPR master class accountable research organisations (january 2018)
GDPR master class accountable research organisations (january 2018)MRS
 
Business impact of new EU General Data Protection Regulation (GDPR) on organi...
Business impact of new EU General Data Protection Regulation (GDPR) on organi...Business impact of new EU General Data Protection Regulation (GDPR) on organi...
Business impact of new EU General Data Protection Regulation (GDPR) on organi...PECB
 
The Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderThe Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderSymantec
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare IndustryEMMAIntl
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessSirius
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsUlf Mattsson
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR ComplianceGabor Farkas
 

Similaire à DAMA Ireland - GDPR (20)

What is CT- DPO.pdf
What is CT- DPO.pdfWhat is CT- DPO.pdf
What is CT- DPO.pdf
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
 
Why GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkWhy GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC Framework
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
 
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
GDPR: 3 Months On | Guest Speaker: Data Protection CommissionersGDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
#HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance #HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance
 
GDPR master class accountable research organisations (january 2018)
GDPR master class accountable research organisations (january 2018)GDPR master class accountable research organisations (january 2018)
GDPR master class accountable research organisations (january 2018)
 
Business impact of new EU General Data Protection Regulation (GDPR) on organi...
Business impact of new EU General Data Protection Regulation (GDPR) on organi...Business impact of new EU General Data Protection Regulation (GDPR) on organi...
Business impact of new EU General Data Protection Regulation (GDPR) on organi...
 
The Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderThe Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To Consider
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overview
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR Success
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 
GDPR How to get started?
GDPR How to get started?GDPR How to get started?
GDPR How to get started?
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
 
GDPR for your Payroll Bureau
GDPR for your Payroll BureauGDPR for your Payroll Bureau
GDPR for your Payroll Bureau
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance
 

Plus de DAMA Ireland

Robotics and Artificial Intelligence - The good the bad and the data - John T...
Robotics and Artificial Intelligence - The good the bad and the data - John T...Robotics and Artificial Intelligence - The good the bad and the data - John T...
Robotics and Artificial Intelligence - The good the bad and the data - John T...DAMA Ireland
 
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...DAMA Ireland
 
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...DAMA Ireland
 
Life with GDPR 2018 - From Governance to Optimisation
Life with GDPR 2018 - From Governance to OptimisationLife with GDPR 2018 - From Governance to Optimisation
Life with GDPR 2018 - From Governance to OptimisationDAMA Ireland
 
The Data Value Map for GDPR - May 2018 - GDPR summit Dublin
The Data Value Map for GDPR - May 2018 - GDPR summit DublinThe Data Value Map for GDPR - May 2018 - GDPR summit Dublin
The Data Value Map for GDPR - May 2018 - GDPR summit DublinDAMA Ireland
 
The data value map for GDPR - How to extract Business Value from your GDPR Pr...
The data value map for GDPR - How to extract Business Value from your GDPR Pr...The data value map for GDPR - How to extract Business Value from your GDPR Pr...
The data value map for GDPR - How to extract Business Value from your GDPR Pr...DAMA Ireland
 
DAMA Ireland - Data Trust event 9th June 2016
DAMA Ireland - Data Trust event 9th June 2016DAMA Ireland - Data Trust event 9th June 2016
DAMA Ireland - Data Trust event 9th June 2016DAMA Ireland
 
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...DAMA Ireland
 
DAMA Ireland Kick-Off Event 29Mar2016
DAMA Ireland Kick-Off Event 29Mar2016DAMA Ireland Kick-Off Event 29Mar2016
DAMA Ireland Kick-Off Event 29Mar2016DAMA Ireland
 
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016From big to smart data in five simple steps DAMA Ireland Event 29Mar2016
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016DAMA Ireland
 

Plus de DAMA Ireland (10)

Robotics and Artificial Intelligence - The good the bad and the data - John T...
Robotics and Artificial Intelligence - The good the bad and the data - John T...Robotics and Artificial Intelligence - The good the bad and the data - John T...
Robotics and Artificial Intelligence - The good the bad and the data - John T...
 
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...
THE GOOD, THE BAD, THE DATA - Artificial Intelligence and Robotic Process Aut...
 
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...
GDPR Summit RDS May 2018 - DAMA VP Opening remarks and links to all presentat...
 
Life with GDPR 2018 - From Governance to Optimisation
Life with GDPR 2018 - From Governance to OptimisationLife with GDPR 2018 - From Governance to Optimisation
Life with GDPR 2018 - From Governance to Optimisation
 
The Data Value Map for GDPR - May 2018 - GDPR summit Dublin
The Data Value Map for GDPR - May 2018 - GDPR summit DublinThe Data Value Map for GDPR - May 2018 - GDPR summit Dublin
The Data Value Map for GDPR - May 2018 - GDPR summit Dublin
 
The data value map for GDPR - How to extract Business Value from your GDPR Pr...
The data value map for GDPR - How to extract Business Value from your GDPR Pr...The data value map for GDPR - How to extract Business Value from your GDPR Pr...
The data value map for GDPR - How to extract Business Value from your GDPR Pr...
 
DAMA Ireland - Data Trust event 9th June 2016
DAMA Ireland - Data Trust event 9th June 2016DAMA Ireland - Data Trust event 9th June 2016
DAMA Ireland - Data Trust event 9th June 2016
 
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...
DAMA Ireland - CDMP Overview (How to become a Certified Data Management Pract...
 
DAMA Ireland Kick-Off Event 29Mar2016
DAMA Ireland Kick-Off Event 29Mar2016DAMA Ireland Kick-Off Event 29Mar2016
DAMA Ireland Kick-Off Event 29Mar2016
 
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016From big to smart data in five simple steps DAMA Ireland Event 29Mar2016
From big to smart data in five simple steps DAMA Ireland Event 29Mar2016
 

Dernier

Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Cathrine Wilhelmsen
 
Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Seán Kennedy
 
Heart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectHeart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectBoston Institute of Analytics
 
DBA Basics: Getting Started with Performance Tuning.pdf
DBA Basics: Getting Started with Performance Tuning.pdfDBA Basics: Getting Started with Performance Tuning.pdf
DBA Basics: Getting Started with Performance Tuning.pdfJohn Sterrett
 
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Thomas Poetter
 
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)jennyeacort
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...limedy534
 
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degreeyuu sss
 
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...ssuserf63bd7
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfgstagge
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesTimothy Spann
 
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGILLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGIThomas Poetter
 
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxmodul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxaleedritatuxx
 
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhh
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhhThiophen Mechanism khhjjjjjjjhhhhhhhhhhh
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhhYasamin16
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档208367051
 
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Boston Institute of Analytics
 
Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Seán Kennedy
 
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDINTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDRafezzaman
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.natarajan8993
 
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改yuu sss
 

Dernier (20)

Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)
 
Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...
 
Heart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectHeart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis Project
 
DBA Basics: Getting Started with Performance Tuning.pdf
DBA Basics: Getting Started with Performance Tuning.pdfDBA Basics: Getting Started with Performance Tuning.pdf
DBA Basics: Getting Started with Performance Tuning.pdf
 
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
 
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
Call Us ➥97111√47426🤳Call Girls in Aerocity (Delhi NCR)
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
 
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
 
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdf
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
 
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGILLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
 
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxmodul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
 
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhh
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhhThiophen Mechanism khhjjjjjjjhhhhhhhhhhh
Thiophen Mechanism khhjjjjjjjhhhhhhhhhhh
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
 
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
 
Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...
 
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDINTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.
 
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
 

DAMA Ireland - GDPR

  • 1. Everything is about to change…
  • 3. One ring to rule them all*… *With up to 50 areas of local variation in 28 Member States
  • 4. PenaltiesPenalties • Failure to implement appropriate security measures • Failure to implement Data Protection by Design/by Default • Failure to ensure governance of data processors • Failure to conduct a PIA where required • Failure to maintain records of processing activities • Failure to have processes to support Data Subject rights • Breach of core Data Protection principles • Failure to ensure lawful basis for processing • Failure to meet conditions for consent • Failure to respect/comply with rights of data subject • Failure to ensure data transfers on valid basis • Failure to comply with order of the DPC Administration & Governance Offences Fundamental Rights & Duties Offences 2% of Global Turnover (or €10,000,000) [which ever is greater] 4% of Global Turnover (or €20,000,000) [which ever is greater]
  • 5. LiabilityLiability  Civil liability for both material damage and immaterial damage  Data Protection breaches can get you sued!  An evolution of existing rights
  • 6. The Problem with how most organisations do Data PrivacyThe Problem with how most organisations do Data Privacy
  • 7. The Need for Holistic ThinkingThe Need for Holistic Thinking  Need to consider the entire environment Information Environment Ethical Environment  Legal can’t fix broken process designs Bad Tyre Swing Design
  • 8. The Global Legislative TrendThe Global Legislative Trend 7 17 36 68 110 1970s 1980s 1990s 2000s 2010-2016 Total Global Data Privacy Law Within this, there is also continued evolution of existing Data Privacy laws (e.g. EU Data Protection Regulation)
  • 9. castlebridge associates |www.castlebridge.ie | www.dataprotectionofficer.ie Castlebridge changing how people think about information The GDPR and DMBOKThe GDPR and DMBOK
  • 10. GDPR SummarisedGDPR Summarised Regulatory “One Stop Shop” Core Principles Increased Penalties Risk based approach to Data Protection Explicit Focus on Governance Principles Driven Principles Driven Stricter Consent (where consent only basis) Enhanced Rights: Data Portability; RTBF; Risk & Penalty Mitigation Documentation Data Protection Officer Evidence of Effectiveness Risk & Penalty Mitigation Enforcement against Data Processors Extra territoriality Fines as % of Global Turnover Mitigating Factors 1. Lawfulness, fairness, transparency 2. Purpose Limitation 3. Data Minimisation 4. Accuracy 5. Storage Limitation 6. Integrity & Confidentiality 7. Accountability + Article 1, 7, and 8 ECHR Privacy by Design/Default
  • 11. The GDPR Principles – An evolution…The GDPR Principles – An evolution… Fair Obtaining Purpose Specification Purpose Limitation Security Accuracy Adequate / Relevant Retention Data Subject Rights Lawfulness, fairness, transparency Purpose Limitation Data Minimisation Accuracy Storage Limitation Integrity & Confidentiality Accountability
  • 12. The Accountability PrincipleThe Accountability Principle  “The Controller shall be responsible for, and be able to demonstrate compliance with…” Article 5(2) General Data Protection Regulation  “The Controller shall be responsible for, and be able to demonstrate compliance with…” Article 5(2) General Data Protection Regulation Creates a positive duty to actively monitor and govern the management of personal data “Shelf-ware” policies and reactive responses to issues do not demonstrate compliance
  • 13. One key change: Some new definitionsOne key change: Some new definitions Personal Data: any information relating to an identified or identifiable natural person who can be identified either directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity of that person Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organising, structuring, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; Definition of processing is slightly broader in terms of the things that might constitute personal data… HOARDS still valid as a way of remembering what Processing is…
  • 14. One key change: Some new definitionsOne key change: Some new definitions Profiling: any form of automated processing consisting of using data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements Personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed A broad category of activity – “automated processing” now clearly defined Current Irish DPC Code of Practice includes “risk of breach”
  • 15. A clearly defined test for “Compatible Purpose”A clearly defined test for “Compatible Purpose”  Is there a link between the purposes?  What was the context of collection, in particular relationship between Controller & Data Subjects  What is the data?  What are the risks/possible consequences to the data subject?  What safeguards are being put in place to protect fundamental rights?
  • 16. New Duties: Privacy By Design/DefaultNew Duties: Privacy By Design/Default  Privacy is the default setting for processes.  Must ensure appropriate controls are in place in design and development  Must ensure appropriate tech and organisational measures are in place to minimise access to data for particular purposes  Privacy is the default setting for processes.  Must ensure appropriate controls are in place in design and development  Must ensure appropriate tech and organisational measures are in place to minimise access to data for particular purposes
  • 17. New(ish) Duty: Data Security BreachNew(ish) Duty: Data Security Breach  Largely as per current DPC Code of Practice  Must notify DPC “without undue delay” or within 72 hours, unless breach is unlikely to result in risk to individuals rights/freedoms  Any delay over 72 hours will require a reasoned justification  Communication to Data Subject required if there is a high risk to rights and freedoms.  Not required if data is unintelligible (e.g. encrypted)  Not required if controller has taken steps to eliminate risk of impact to rights/freedoms  Not required if a disproportionate effort  DPC has final say.
  • 18. New Role: The Data Protection OfficerNew Role: The Data Protection Officer  Not mandatory in all cases, but recommended  Will be mandatory for public authorities or organisations that engage in systematic monitoring on a large scale or process sensitive personal data on a large scale  Member States may set their own rules locally  DPO must have “expert knowledge of data protection law and practices and an ability to fulfil tasks” of the DPO.  May be a member of staff or may be a contractor  Contact details should be published and communicate to the DPC.
  • 19. New Role: The Data Protection OfficerNew Role: The Data Protection Officer  A public facing role (can be contacted by Data Subjects)  Must be involved in a “timely manner” in all issues relating to processing of personal data  E.g. system design and specification  Must be supported by Data Controller in execution of tasks and maintaining knowledge.  Must be able to act independently in relation to Data Protection tasks (  Should report to the most senior executive level  Role is to  Inform and advise  Monitor compliance with externa legislation and internal policies and procedures, including training  Supporting Privacy Impact Assessments  Acting as contact point for DPC  Cannot be dismissed or penalised for performing Data Protection tasks
  • 20. A Focus on Governance & ControlsA Focus on Governance & Controls Article 23: Privacy by Design & Default Article 33: Data Protection Impact Assessment Article 28: Documentation Article 35: Data Protection Officer Article 37: Tasks of DPO Article 33(8): Data Protection Compliance Review Article 37: Tasks of DPO
  • 21. Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
  • 22. Data Governance Data Protection Data Quality TRUST The Anatomy of the StoolThe Anatomy of the Stool Internal Uses (e.g. Analytics) Customer “value” perception External Uses (e.g. Open Data)
  • 23. Data Privacy: PrinciplesData Privacy: Principles GDPR Data Governance Data Quality Lawfulness, fairness, and transparency Purpose Limitation Data Minimisation Accuracy Storage Limitation Integrity and Confidentiality Accountability Data Subject Rights
  • 24. Relevant Dimensions of Information QualityRelevant Dimensions of Information Quality Information Quality Dimension 95/46/EC ePrivacy Regs EUDATAP Accuracy X X X Completeness X X X Timeliness X X X Consistency X X Conformity X X Relevance/Not Excessive X X Adequacy (for purpose) X X Duplication X X Quality of Data Definition (business & tech) X X Information Product Specification X X X
  • 25. Defining Information Quality & Information Quality Management Defining Information Quality & Information Quality Management
  • 26. Overview of an IQM FrameworkOverview of an IQM Framework The Ten Steps™ Process © Danette McGilvray
  • 27. Based on 9-box model developed by Abcouwer, A.W., Maes, R. Truijens, J, Amsterdam Univeristy (1997-2003)
  • 28. Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
  • 29. What is Data Governance in DMBOK?What is Data Governance in DMBOK? Definition: The exercise of authority and control (planning, monitoring, and enforcement) over the management of data assets.. Goals: • To define, approve, and communicate data strategies, policies, standards, architecture, procedures, and metrics. • To track and enforce regulatory compliance and conformance to data policies, standards, architecture, and procedures. • To sponsor, track, and oversee the delivery of data management projects and services. • To manage and resolve data related issues. • To understand and promote the value of data assets. Activities: 1. Data Management Planning • Understand Strategic Enterprise Data Needs • Develop and Maintain the Data Strategy • Establish Data Professional Roles and Organizations • Identify and Appoint Data Stewards • Establish Data Governance and Stewardship Organizations • Develop and Approve Data Policies, Standards, and Procedures • Review and Approve Data Architecture • Plan and Sponsor Data Management Projects and Services • Estimate Data Asset Value and Associated Costs 2. Data Management Control • Supervise Data Professional Organizations and Staff • Coordinate Data Governance Activities • Manage and Resolve Data Related Issues • Monitor and Ensure Regulatory Compliance • Monitor and Enforce Conformance With Data Policies, Standards, and Architecture • Oversee Data Management Projects and Services • Communicate and Promote the Value of Data Assets Inputs Outputs Inputs: • Business Goals • Business Strategies • IT Objectives • IT Strategies • Data Needs • Data Issues • Regulatory Requirements Primary Deliverables: • Data Policies • Data Standards • Resolved Issues • Data Management Projects and Services • Quality Data and Information • Recognized Data Value
  • 30. Data Privacy: Data GovernanceData Privacy: Data Governance Principle Governance Quality Personal data which is being processed must be fairly obtained and processed X Personal Data shall be obtained for a Specified and Lawful Purpose X Personal Data shall not be processed in a manner incompatible with the specified purpose X Personal Data shall be kept accurate and complete and, where necessary, kept up to date X Personal Data should be kept Safe & Secure X Data processed must be adequate, relevant and not excessive X X Personal data should not be kept for longer than necessary for the specified purpose or purposes X X Data Subjects have a right of Access. X
  • 31. Understanding Information/Data StewardshipUnderstanding Information/Data Stewardship Information Stewardship is: An ethic that embodies responsible planning and management of Information Resources through… The acceptance or assignment of responsibility to shepherd and safeguard the Information Assets of others, both inside the organisation and beyond
  • 32. A Holistic Framework?A Holistic Framework? Based on 9-box model developed by Abcouwer, A.W., Maes, R. Truijens, J, Amsterdam Univeristy (1997-2003) Data Protection Officer Documentation & Controls Evidence of Effective Operation Privacy Expectation met or exceeded!
  • 33. Different Types of Data StewardDifferent Types of Data Steward Strategic Operational Tactical Doers Definers Deciders Co-ordinators           The D3C Model™ © 2013 Castlebridge Associates
  • 34. The Data Protection/Privacy Officer RoleThe Data Protection/Privacy Officer Role • Reporting to Executive Board • Must be Independent • Technical and Business skills • Accountable for the System of Governance • “Statutory Tenure” • Relationship to CDO, CPO, CIO etc.
  • 35. A Data Stewardship Mind Map – Standards?A Data Stewardship Mind Map – Standards? Governance & Stewardship Data Use Steward (Doer/Definer) UX Requirements Privacy Reporting Screens & Reports Quality Screen & Reports Content Design & Aesthetics Data Governance Reqts (Co-ordinator) Data Standards Compliance Use of Metadata Documentation Metric Driven Quality Assurance Data Management Structure Data Collection Steward (Doer/Definer) Data Classification (PII, Sensitive) Encryption Business Content Rules Privacy Rules Privacy Reqts Steward (Decider/Definer) Purpose Notice Consent Transfer (3rd Party) Access/Correction/Deletion Proportionality Retention Responsible Action Based on M. Dennedy & Tom Finneran
  • 36. Castlebridge changing how people think about information Data Privacy & Data QualityData Privacy & Data Quality
  • 37. Data Privacy in the DMBOK WheelData Privacy in the DMBOK Wheel © DAMA International, used with permission
  • 38. What is Data Quality in DMBOK?What is Data Quality in DMBOK? Definition: Planning, implementation, and control activities that apply quality management techniques to measure, assess, improve, and ensure the fitness of data for use.. Goals: • To measurably improve the quality of data in relation to defined business expectations. • To define requirements and specifications for integrating data quality control into the system development lifecycle. • To provide defined processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities: 1. Develop and Promote Data Quality Awareness 2. Define Data Quality Requirements 3. Profile, Analyze, and Assess Data Quality 4. Define Data Quality Metrics 5. Define Data Quality Business Rules 6. Test and Validate Data Quality Requirements 7. Set and Evaluate Data Quality Service Levels 8. Continuously Measure and Monitor Data Quality 9. Manage Data Quality Issues 10. Clean and Correct Data Quality Defects 11. Design and Implement Operational DQM Procedures 12. Monitor Operational DQM Procedures and Performance Inputs Outputs Inputs: • Business Requirements • Data Requirements • Data Quality Expectations • Data Policies and Standards • Business Metadata • Technical Metadata • Data Sources and Data Stores Primary Deliverables: • Improved Quality Data • Data Management • Operational Analysis • Data Profiles • Data Quality Certification Reports • Data Quality Service Level • Agreements Metrics: • Data Value Statistics • Errors / Requirement Violations • Conformance to Expectations • Conformance to Service Levels Tools: • Data Profiling Tools • Statistical Analysis Tools • Data Cleansing Tools • • Data Integration Tools • Issue and Event Management Tools
  • 39. Data Protection: Quality PrinciplesData Protection: Quality Principles Principle Governance Quality Personal data which is being processed must be fairly obtained and processed X Personal Data shall be obtained for a Specified and Lawful Purpose X Personal Data shall not be processed in a manner incompatible with the specified purpose X Personal Data shall be kept accurate and complete and, where necessary, kept up to date X Personal Data should be kept Safe & Secure X Data processed must be adequate, relevant and not excessive X X Personal data should not be kept for longer than necessary for the specified purpose or purposes X X Data Subjects have a right of Access. X
  • 40. Relevant Dimensions of Information QualityRelevant Dimensions of Information Quality Information Quality Dimension 95/46/EC ePrivacy Regs EUDATAP Accuracy X X X Completeness X X X Timeliness X X X Consistency X X Conformity X X Relevance/Not Excessive X X Adequacy (for purpose) X X Duplication X X Quality of Data Definition (business & tech) X X Information Product Specification X X X
  • 41. Case Study: Online customer registration process, UK bankCase Study: Online customer registration process, UK bank Register for SMS alert Display proposed number Update Contact Details Select Preferred Contact Number Send SMS Updates ***9901 (no option for 2nd number) Message
  • 42. Case StudyCase Study Issues: *****9901 was a number that hasn’t been used for >5 years by that account holder. Mobile phone numbers are recycled – usually 12- 18 months after termination of contract SMS containing bank details of this customer potentially being sent to a 3rd party Customer complained to UK Data Privacy Regulator Customer knows a bit about data modelling
  • 43. What is Data Quality in DMBOK?What is Data Quality in DMBOK? Definition: Planning, implementation, and control activities that apply quality management techniques to measure, assess, improve, and ensure the fitness of data for use.. Goals: • To measurably improve the quality of data in relation to defined business expectations. • To define requirements and specifications for integrating data quality control into the system development lifecycle. • To provide defined processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities: 1. Develop and Promote Data Quality Awareness 2. Define Data Quality Requirements 3. Profile, Analyze, and Assess Data Quality 4. Define Data Quality Metrics 5. Define Data Quality Business Rules 6. Test and Validate Data Quality Requirements 7. Set and Evaluate Data Quality Service Levels 8. Continuously Measure and Monitor Data Quality 9. Manage Data Quality Issues 10. Clean and Correct Data Quality Defects 11. Design and Implement Operational DQM Procedures 12. Monitor Operational DQM Procedures and Performance Inputs Outputs Inputs: • Business Requirements • Data Requirements • Data Quality Expectations • Data Policies and Standards • Business Metadata • Technical Metadata • Data Sources and Data Stores Primary Deliverables: • Improved Quality Data • Data Management • Operational Analysis • Data Profiles • Data Quality Certification Reports • Data Quality Service Level • Agreements Metrics: • Data Value Statistics • Errors / Requirement Violations • Conformance to Expectations • Conformance to Service Levels Tools: • Data Profiling Tools • Statistical Analysis Tools • Data Cleansing Tools • Data Integration Tools • Issue and Event Management Tools Legal requirements Ethical Requirements “The Creepy Line”
  • 44. A Data Privacy KPI?A Data Privacy KPI?  EU E-Marketing rules require data to be used within 12 months from consent having been obtained or consent is nullified.  Client organisation had no assessment of how much trust they could place in their marketing data  Was facing prosecutions for breaches of rules  Developed a Dashboard  Associated a financial “Business Impact” KPI  Senior Executive were shocked at impact of not managing their customer data… 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 12 months or over 10 -12 Months 6-9 months 3-6 months 0-3 months Marketing Months since last contact ePrivacy Directive Consent Tracker Average revenue uplift of €10/ Month per campaign, 10% success rate, 1.2 million customers Opportunity Lost: €1,440,000 Value at Risk: €4,320,000