The Significant Role of European Union s GDPR in Data Governance By Michael G. Miller - michael.miller@infosys.com Infosys - Data and Analytics (DNA) - Principal Consultant For DAMA - Chicago Chapter June 21, 2017 Agenda 2 1. Introduction 2. What is GDPR (General Data Protection Regulation) (EU 2016/679)? 3. Why you should care? 4. GDPR role in Enterprise Data Governance 5. Future of Enterprise Data Governance and Data Protection Regulations 1
The next-generation technology services company Infosys helps enterprises create and execute strategies for their digital transformation. We help our clients find the right problems to solve, and to solve these effectively. Our team of innovators, across the globe, is differentiated by the imagination, knowledge and experience, across industries and technologies that we bring to every project we undertake. Corporate People Learning Purpose Clients Founded in Pune, India in 1981 200,000+ employees globally World s largest corporate university Use advances in technology to amplify human potential Six $200M clients $10 billion in revenues 72,248 women employees 1,35,000+ employees trained in Design Thinking $500 million innovation fund Nineteen $100M clients 1,162 clients Automation repurposed 11,000 people s effort into more valuable tasks 17,435 engineers trained in 3+ programming languages 97.3% business is repeat business Thirty One $71M clients Clients in over 45 countries 84 offices and 116 development centers Zero Bench for sustained engagement of employees 15,000 projects driven by employees innovating through Zero Distance 15,000+ employees trained in new technologies & platforms 967 employees mentored in executive leadership 2% of avg. net profits over 3 fiscals to Infosys Foundation Award winning sustainable delivery centers Fifty Six $50M clients Ninety One $25M clients 3 Infosys Data and Analytics (DNA) Practice Infosys Data and Analytics focuses on driving new possibilities with our clients to ensure Business Insights, Operational Efficiency & Data Monetization 4 Dedicated BI Consultants Successfully Executed Projects Active Client Relationships Industry Domain Expertise Collaborative BI Vendor Alliances IBM DataStage MS BI MicroStrategy Consulting Architecture and design 4 out of top 5US Banks Financial Services Platform Plays Teradata Hyperion Open Source SAS/R Informatica SAP Cognos Big Data Oracle and OBIEE Ab Initio Tableau / QLIKVIEW Data quality management & governance Reporting & visualization Big data Analytics Solutions Platform & operations Next gen apps 3 out of top 6 European Banks 5 out of top 6 Credit Card insurers 5 out of top 10 High Tech Industries 8 out of top 10 Global Pharmaceuticals Insurance, Cards and Payments Retail, CPG, Logistics Manufacturing, Energy, Communications & Services Healthcare and Life Sciences Education Pure Plays Big Data Rated positive in Gartner Market Scope for BI/ IM, North America Rated Leader in Forrester Wave; BI Service Providers Infosys featured in the Winners circle HfS Blueprint on Enterprise Analytics Services, 2014` Infosys is a major player in IDC MarketScape Worldwide Business Analytics Consulting and System Integration service 2
Author 5 Michael G. Miller is a Principal Consultant, member of Infosys - Data and Analytics (DNA) group with concentrations in Data and Information Strategy, Data and Information Governance, as well as Regulatory Compliance (GDPR, BCBS239, CCAR, etc.) for global customers. Mr. Miller has over 30 years of business & IT experience in banking, securities and insurance starting his career in computer operations, programming and systems design, and then moving on to consulting and teaching roles in enterprise architecture (TOGAF), business intelligence and data governance. EU GDPR Deadline Date: May 25, 2018 6 http://www.eugdpr.org/ 3
What is GDPR & Why GDPR? 7 https://www.infosys.com/gdpr/ Why GDPR? 8 https://www.infosys.com/gdpr/ 4
Name 1 Austria 2 Belgium 3 Bulgaria 4 Croatia 5 Cyprus 6 Czech Republic 7 Denmark 8 Estonia 9 Finland 10 France 11 Germany 12 Greece 13 Hungary 14 Ireland EU GDPR Scope + 4 countries - Iceland, Liechtenstein, Norway, and Switzerland [forming the European Free Trade Association (EFTA)]. Name 15 Italy 16 Latvia 17 Lithuania 18 Luxembourg 19 Malta 20 Netherlands 21 Poland 22 Portugal 23 Romania 24 Slovakia 25 Slovenia 26 Spain 27 Sweden 28 United Kingdom 9 GDPR Facts 10 Source: https://www.eset.com/int/business/gdpr-low-level-implementation-according-idc-report/ Key IDC findings: Of those who know about it, 20% are not prepared at all, 22% of companies are not aware of the GDPR, 52% know about it but say the impact is unclear, 56% of companies don t currently measure breach/attack costs & 59% are not fully GDPR-compliant. 5
11 https://www.itgovernanceusa.com/blog/25-of-us-organizations-fear-the-eu-gdpr-could-put-them-out-of-business/ 12 https://www.infosys.com/gdpr/ 6
Data Privacy Officers (DPOs) 13 The International Association of Privacy Professionals (IAPP) https://iapp.org/news/a/study-gdprs-global-reach-to-require-at-least-75000-dpos-worldwide/ GDPR Data & Data Governance 14 = Personally Identifiable Information Security GDPR Data Data Governance Privacy 0 7
What people think your (Personally Identifiable Information) looks like. 15 https://en.wikipedia.org/wiki/supermarket#/media/file:fredmeyer_edit_1.jpg What your (Personally Identifiable Information) really looks like! 16 https://en.wikipedia.org/wiki/landfill 8
Data Governance 17 DAMA DMBOK (Data Management Body of Knowledge II) 2013 GDPR Data Governance 18 Modified version of DAMA DMBOK (Data Management Body of Knowledge II) 2013 9
Data Governance Structure 19 GDPR Data Governance Structure 20 G D P R P I I 10
Enterprise Data Governance 21 GDPR Enterprise Data Governance 22 GDPR - Personally Identifiable Information () 11
Enterprise Data Governance Key Benefits 23 GDPR Framework Overview 24 1 2 3 4 https://www.infosys.com/gdpr/ 12
Infosys ADAM GDPR Framework 25 https://www.infosys.com/gdpr/ GDPR Maturity Assessment 26 https://www.infosys.com/gdpr/ 13
GDPR Key Action Items 27 https://www.infosys.com/gdpr/ Future of Enterprise Data Governance and Data Protection Regulations 28 More Data Protection Regulations More (Personally Identifiable Information) Digital Business https://www.infosys.com/gdpr/ 14
For more information Official Journal of the European Union L119 Legislation Volume 59 4 May 2016 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) http://eur-lex.europa.eu/legal-content/en/txt/?uri=oj%3al%3a2016%3a119%3atoc Infosys GDPR Be Ready with Infosys https://www.infosys.com/gdpr/cached The GDPR deadline is closing In - Are you ready? - Infosys https://www.infosys.com/gdpr/documents/gdpr-deadline-closing.pdf The EU Data Protection Reform and Big Data http://ec.europa.eu/justice/data-protection/files/data-protection-bigdata_factsheet_web_en.pdf?bcsi_scan_94a977aee9df674a=0&bcsi_scan_filename=data-protection-bigdata_factsheet_web_en.pdf The GDPR Benchmark Report: GDPR s Impact on Your Business and How to Prepare https://www.avepoint.com/blog/strategy-blog/gdpr-benchmark-report-impact-business-prepare/ How to Know When It s Time to Re-Architect a Data Management Platform eweek Magazine By: Chris Preimesberger June 15, 2017 http://www.eweek.com/database/how-to-know-when-it-s-time-to-re-architect-a-data-management-platform 29 30 15
Thank You 20167 Infosys Limited, Bangalore, India. All Rights Reserved.Infosys believes the information in this document is accurate as of its publication date; such information is subject to change without notice. Infosys acknowledges the proprietary rights of other companies to the trademarks, product names and such other intellectual property rights mentioned in this document. Except as expressly permitted, neither this documentation nor any part of it may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic,mechanical,printing, photocopying,recording or otherwise, without the prior permission of Infosys Limited and/ or any named intellectualproperty rights holders under this document. 16