4 Tips for Getting Started with Evolving Your Privacy Regulation Compliance Posture

View all posts on GDPR

In a recent discussion with a large corporation on the topic of how to tackle privacy regulation compliance, the compliance officer made the comment, “This is a lot of work!”  Clearly the officer was feeling a bit overwhelmed by the task at hand. You see, compliance officers are not typically in the business of enterprise data management.  However, they are asked to oversee the governance associated with data and activities that exists across the organization, as well as outside the organization.

This introduces an interesting organizational challenge. How do you elevate the role of data so that it’s not narrowly focused on needs related to project requirements, regulatory compliance, and the “fire of the day”?

We see this challenge frequently within the financial industry. For example, many companies responded to the challenges of the financial crises and the corresponding increase in regulation, by investing in point solutions.  This refers to solutions that were designed to achieve compliance in a particular dimension. So, while that satisfied compliance regulations for one dimension, it created a headache for the internal auditors trying to reconcile compliance data across the enterprise. They struggled to understand why numbers from the same operations and transactional data stores could result in differences when reporting through the compliance process. Why did this happen? Because point solutions fail to consider enterprise data management.

For companies that don’t operate in a highly regulated environment, this might be your first time thinking about data from the perspective of the enterprise.  After performing the initial due diligence it can be a bit daunting to satisfy compliance regulations across the enterprise.  But, you are not alone in this! Here are four tips on how to get started:

  • Find out What Other Data Management Projects are in the Works. Inquire about other projects in the organization that could build on the same capabilities that drive your compliance initiative. Are you tackling a customer 360 initiative?  Do you hear phrases such as “Analytics as a Service” or “self-serve BI”? Is any area of the company engaged in Master Data Management (MDM) activities?
  • Create a Baseline of the Data. What data do you have and where is it?  What data is important?
  • Document What Others Do at the Practice Level. Break tasks down based on what people are actually doing (not their job description). You’ll likely discover that you are already performing many of the tasks required for compliance – just not in the context of compliance (see Tip 1).
  • Align the Data Management Work with Corporate Goals and Risks. Once you’ve got a handle on what the right data is and where it resides, you can align that with the company’s overall objectives.  Then you’ll see how your data provides the building blocks and impacts the bottom line. 

Need guidance or a helping hand?  Give us a call, we can help you identify the right data so you can make the right decisions right now.

Download White Paper: Getting Started With Data Governance