Date Published 25 Apr 18

Ram Naresh Pratti - Principal at Collibra

On May 25, 2018, the General Data Protection Regulation (GDPR) goes into full effect. And according to Data Management Review, less than 15% of organizations feel they are very prepared to meet the data management requirements of the regulation. But while the GDPR is a complex regulation, one thing is clear. Data governance is critical to help organizations fulfill compliance requirements. Data governance helps organizations accelerate time to compliance by helping them: • Find the data they need to protect • Understand what that data means, where it comes from, and who has access to it • Trust that the data they have – and the processes they have in place around it – comply with the regulation • Advance data risk management in a changing regulatory environment Data governance, in the context of GDPR, includes six steps as outlined in the model below.

Data Governance is the Foundation for GDPR Compliance Collibra provides an enterprise-wide data governance solution that puts people and processes first. It automates data governance and management to quickly and securely deliver trusted data to the business users who need it. Paired with GDPR-specific professional services and a GDPR accelerator, Collibra delivers a complete governance solution that serves as the foundation for the broader GDPR compliance effort and ongoing change management.

Data Governance Platfor

The Collibra data governance platform delivers the core capabilities organizations need to build a solid governance foundation. These capabilities work in tandem across governance for GDPR to help organizations accelerate time to compliance. Key capabilities include:

  • Business Glossary: collaboratively agree on the definitions, rules, and policies that define the operational and organizational model for your personal data. Manage reviews and approvals, and make this information easily accessible to everyone who needs it. Understand the impact of data policy changes at the enterprise, departmental, and project level, and assess impact as you prepare your process inventory and supporting assets.
  • Stewardship: enable data stewards to work collaboratively with subject matter experts and data owners through role-based dashboards and interactive views to assess risk and make governance decisions. Assign DPOs and CISOs different levels in the organization and define their responsibilities. Create processes using configurable workflows to effectively protect, share, and improve your data assets.
  • Policy Manager: create, review, and update data policies related to personal data so they are adopted and enforced across your organization. Centralize all relevant GDPR regulation, document internal policies, safeguards, binding corporate rules, and contractual clauses, and determine how they interact with each other. Define issues and develop policies to address risks.
  • Data Helpdesk: identify data errors so your organization can resolve them quickly. Route issues to the correct stakeholders for resolution. Apply data fixes across relevant datasets – according to established data governance controls.
  • Catalog: find personal data that is used in business processes. Establish access request and approval processes to ensure that personal data remains in the hands of the right people for the right purpose. Establish data lineage and profiling. Track technology assets in dedicated registers or in the Catalog.
  • Data Dictionary: document technical metadata. Document how it is used, as well as roles and responsibilities for it. Launch appropriate workflows to define, describe, and map data.
  • Workflows: manage the onboarding of processes, running DPIAs, assigning the DPO the task of reporting a data breach, and managing cases where data subjects exercise rights such as right to be forgotten. Use to operationalize processes, resolve data gaps, and assure controls.
  • Scorecards and Dashboards: demonstrate compliance through standardized scorecards and role-based dashboards that monitor the status of your compliance activities.
  • Reporting: report on GDPR compliance activities to demonstrate sustainable compliance to regulatory authorities and support risk management on an ongoing basis.

Professional Services

Collibra Professional Services delivers the expert implementation services needed to get the most out of your Collibra

investment. Our implementation approach is to phase the delivery through our unique method that aligns with the

governance for GDPR process.

  • Readiness: review and refine GDPR requirements. Execute operating model gap analysis and define implementation approach (top-down vs. bottom-up). Install technology.
  • Implementation: configure application. Define data sharing and collection agreements. Establish business processes and processing activities. Implement workflows and harvest physical metadata. Design and enhance GDPR scorecards, dashboards, and data quality dashboards.
  • Monitor and Reporting: create GDPR scorecards, compliance and risk reporting, and data quality dashboards.

To complement Collibra Professional Services, our extensive ecosystem of Collibra partners offer additional support in areas such as:

  • Strategy
  • Legal
  • Privacy & Compliance
  • Systems Integration
  • Data Management

GDPR Accelerator

The Collibra GDPR Accelerator helps organizations speed time to compliance through delivery of an extended data governance operating model tailored for the GDPR. With the accelerator, organizations can bring together the right people, data sets, and technology to document business processes to help address the requirements of Article 5 and Article 30. Delivered workflows help organizations log, manage, and assign the DPO the task of reporting data breaches. And diagrams help to show how data flows throughout the organization, which applications use the data sets, and where the data live. The GDPR accelerator also delivers role-based dashboards that allow you to assess the risk and maturity of your compliance processes, continue to address gaps in data management efforts, and trigger workflows for ongoing compliance.

Get In Touch

Please complete the below form