The General Data Protection Regulation (GDPR), which takes effect on 25 May 2018, applies to all EU and foreign organizations handling personal data of EU residents.
It mandates strict compliance and calls for steep fines for privacy violations. If you commit infractions or are subjected to random checks, regulators will require you to prove your compliance with GDPR requirements.
In this series on GDPR compliance, we’ll break down how companies can best achieve compliance with the EU’s new privacy regulations using the power of graph database technology. This week, we’ll take a closer look at the challenges and problems of compliance when it comes to storing personal data across an enterprise.
Personal Data Raises Difficult Questions
To meet GDPR requirements, you must be able to answer these difficult questions for any of the more than 500 million people in the European Union:
But GDPR demands don’t end with these questions. You must know when and where breaches occur and what data was taken. You have to give people a way to view their personal data and how it’s being used. And – perhaps most importantly – you must be able to prove to regulators that you are in compliance with GDPR requirements.
GDPR rules are the most far-reaching and technically demanding personal data privacy regulations ever established. This high degree of visibility and enforcement provides an opportunity for organizations across the Continent: Enterprises that embrace the new GDPR regulations and provide transparent tracking of personal information have a big opportunity to win the hearts, minds and business of consumers.
Tracking Personal Data Requires Deep Visibility
In modern organizations, personal data resides in many applications that span servers, data centers, geographies, internal networks, and cloud service providers. GDPR holds you accountable for that data regardless of where it is stored. And it requires you to be able to access, report and remove personal information from all those systems when required by consumers or regulators.
To satisfy GDPR requirements, you must be able to track the movement, or lineage, of a contact’s personal data — where it was first acquired, whether consent was obtained, where it moves over time, where it resides in each of your systems, and how it gets used. The connections among those systems and silos are key to tracking the complex path that personal data follows through your enterprise.
The key to GDPR compliance is tracking data lineage across all your enterprise applications
A seismic shift will occur in the data management world this coming May when GDPR becomes law in the European Union. If you’re an organization with information about European residents, then you must comply with these new, strict rules about how personal data is stored, secured, used, transmitted and even erased from your system.
Using a graph database foundation for your GDPR solution places your organization on the fastest, easiest, most cost-effective path to GDPR compliance. One of the challenges with adhering to these regulations is ensuring you find all the data related to an individual. Using a graph database like Neo4j enables you to manage all of your data and its connections, offering a natural approach to compliance with GDPR.
In the coming weeks, we’ll take a closer look at why graph technology is a superior approach to tackling the challenge of GDPR, and we’ll outline four steps to building a GDPR compliance solution.
About the Author
Navneet Mathur, Senior Director of Global Solutions, Neo4j
Nav Mathur is Senior Director of Global Solutions at Neo4j. He is responsible for solutions development and go-to-market activities.