Data breaches and identity theft have emerged as very important issues in recent years. It didn’t mean all that much before smartphones when the phone was only used to call and text. Bank transactions were made face to face. People didn’t give much thought about their passwords; data theft, hackers and cyber criminals were not in the equation.
As you are aware, the General Data Protection Regulation (GDPR) will take effect from 25th May 2018 forcing companies to fundamentally change the way they collect, manage and store information. Organisations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater).
For many organisations, dealing with personal data forms a large part of their daily activities. In most instances, the data being handled is confidential and as a result, the risks are larger. Through IBM Business Analytics, you can ensure the quality of your data, assess what data you have, what you’re using it for and consider how you can interact with individual customers, clients or third parties. This is essential for offering transparency and trust which is demanded from GDPR.
One of the main concepts of GDPR is that controllers are held accountable – they bare responsibility for compliance and should be able to demonstrate it. Your business must be able to demonstrate an auditable data trail and keep records of compliance to show an audit trail to the data commissioner. IBM Business Analytics does provide complete auditing capabilities that enable logging and managing system usage. By default, system messages, errors, and other product details are logged to flat files that reside in the log directory.
Financial teams should also deploy the necessary technical and organisational measures to allow timely and reasonable responses to requests for data, based on the increasing rights under the GDPR. The ‘right to be forgotten’ allows anyone to request the removal of their data; where the data is no longer needed for the transactional purposes for which the data were obtained, or where there’s no legitimate basis for the transaction.
The Data Protection Impact Assessments forecasted for the likely “high risk” transaction will also become compulsory for financial teams as they handle huge amounts of confidential customer data. In the event where processes are likely to result in high risk, the supervisory authority should be consulted prior to processing.
Companies in all sectors should be taking steps now to ensure that they’re able to comply with the new demands of the GDPR. This should help such businesses to build and maintain the trust and confidence of their consumers, business partners and other stakeholders whose personal data they gather and process and avoid breaches of relevant data protection rules.
It’s now a good time to prepare your business for the GDPR. Discover how IBM Business Analytics can give you the speed, agility, and foresight to assist you on the journey to GDPR Compliance.