The upside of GDPR: a potential remedy for your “dark” data

Share this post:

How much unnecessary weight is your organization lugging around? Just think of all the data in production systems that nobody uses anymore. And what about dark or unstructured data, fragmented in crumbs throughout emails, presentations, phone notes, spreadsheets, and so much more? Keeping data you don’t need for business or regulatory purposes can be unhealthy in terms of IT cost and it can also put your company at greater risk in the event of a data breach – and on top of that, you may be basing your business decisions on data that is incorrect or no longer relevant. Getting your organization ready for GDPR might sound like a hassle, but it’s actually the perfect opportunity to take on this issue as well.

Take, for example, an insurance company, with over twenty years of insurance data and client information stored in its legacy databases. Very likely, some of this data is what we would call ROT: Redundant, Obsolete and/or Trivial. It has no business value, but may still cost money to store and maintain. The positive side is that the insurer usually knows the databases are there and knows exactly what they contain, offering some degree of control in terms of security and privacy.

However, when it comes to its unstructured data, we are usually looking at a totally different picture. Medical information may have been shared in emails between the company and physicians. Sensitive customer information may have been extracted from production systems for analytical purposes, answering questions like ‘how many people received treatment XX last year?’. And spreadsheets containing confidential employee information may have been saved locally by the company’s departmental managers. The bottom line? Most organizations, like our hypothetical insurance company, don’t have insight into their unstructured data stores – which is why it’s often referred to as “dark” data.

With GDPR on the horizon, this issue should be addressed. A great place to start may be to assess what personal information you have, where you keep it and what you are using it for. In this respect, GDPR can be an enabler to help transform your company into a truly data-driven organization. You can create business value from your data by leveraging new insights based on reliable information and improving your decision-making processes to serve customers better and more efficiently – and gaining their trust by taking care of their data along the way. There are tools available to help support this process that facilitate you analyzing your structured and unstructured data by looking for patterns to identify and locate personal information and other kinds of data – no matter where it is stored.

Simplifying your data landscape using such tools can help you with GDPR readiness, make the most of your data, and possibly save money on IT costs in the process. How’s that for an upside on GDPR?

Register for this webinar to find more about the tools available to help you get ready for GDPR and becoming a strong, data-driven organization.

Amir Jaibaji

Rob Langhorst

IBM nominated as ICT service supplier – Computable Awards 2017

Privacy issues are changing and the new legislation is leading. In May 2018, the new GDPR legislation will become effective, with new requirements for processing and processing personal data. IBM is one of the largest data processors and has acquired the necessary knowledge with previous privacy laws. It has resulted in a GDPR-specific architecture framework that IBM offers as a service. The main purpose of the GDPR assessment is a roadmap that prepares an organization for this GDPR legislation and to test risk factors in the organization of the client.

The complete jury report (in Dutch)

Vote for ICT service supplier of the year – IBM – Computable Awards 2017!

Notice:  Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsibility for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations.  The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.

Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey here.