Some studies show that companies don't know what half the data they store is. That means they can't use it to generate insights that support the business, potentially costing them growth opportunities. Now, with the new General Data Protection Regulation (GDPR) set to take effect in the European Union next May, that so-called "dark data" can potentially cost companies more: big fines.
Meeting GDPR Rules Requires Knowing Your Data
The GDPR requires companies to take steps to protect EU residents' personal data. Companies are requires to request permission to collect and use information, report any breaches, and allow individuals to correct their data and request its deletion. Failure to comply can lead to fines as big as €20million or more.
Accomplishing those goals is impossible when you don't know what data you're collecting, what you're doing with it, where you're storing it, and how long you're keeping it. For many companies, the biggest challenge they face in achieving GDPR compliance won't be defining policies and implementing controls, but rather simply shining a light on their data to ensure that all of it is managed.
Even organizations that have centralized database support will need to go beyond those teams to find data that's covered by GDPR. The regulation doesn't just apply to structured databases but also any data in emails, forum comments, instant messages, and spreadsheets on employees' laptops.
Tools to Find and Manage Data Covered by GDPR
The only way for companies to achieve GDPR compliance will be by using tools to help them discover where personal data is hiding. The suite of products from Veritas offers the support you need for finding data and protecting it as required by GDPR. With the following tools, you can build an integrated, effective GDPR compliance solution:
- Data Insight: Use analytics to understand how users are accessing data, including unstructured information. This supports GDPR's requirement that data be used only for the agreed purpose and that breaches can be identified and reported.
- Information Map: Gain a comprehensive vision of where data resides, including files hidden in virtual machine snapshots. Understanding where personal data resides is the first step to being able to ensure it is properly used and protected.
- e-Discovery Platform: Search through data stores, including unstructured data such as email and audio files, to find files containing personal data. With this information you can satisfy the GDPR requirement that individuals be able to review and correct their data.
- Enterprise Vault: Manage data retention policies and automate deletion of data when the required retention period is complete. This ensures that data is kept only as long as needed for its required purpose, as mandated by GDPR.
- NetBackup: Reliably backup data while gathering metadata needed to support Veritas' other tools. Copy data management allows organization to use their backed up data and reduces the sprawl and spread of files with protected information.
Failing to meet the GDPR requirements can cost companies significant fines. dcVAST's support for the Veritas product suite means we're able to help companies effectively leverage these tools to achieve GDPR compliance. Contact us to learn how managed NetBackup, managed Enterprise Vault, Data Insight services, and the rest of our Veritas experience can guide you to GDPR compliance.