Data Privacy

Data Governance

Unlocking the potential of data by reducing regulatory risks

Industries:

Finance & Insurance - Retail & FMCG - Transportation - Energy & Utility - Life Science - Industrial

Solutions:

Data Governance

Technologies:

Blindata - Aws - Azure - Google Cloud Platform

Overview

Digital evolution has brought several improvements: the volumes of personal data collected, their diffusion across corporate systems and the opportunities generated in order to produce personalized customer experiences.

At the same time, the regulatory obligations for personal data managers have also increased (e.g. GDPR, IVASS Regulation no. 38/2018, Bank of Italy Circular 263 and 285, etc. ..).
A correct management of this data is therefore crucial to avoid economic and reputational damage due to improper use.

Data privacy aims to de-identify the data management through various anonymisation techniques in order to allow its use while reducing the regulatory constraints that need to be observed in order to be compliant.

Challenges

Among the main problems related to the lack of data privacy management we can find:

High risks of sanctions for non-compliance in the processing of personal data
Limits on the use of collected data to avoid sanctions
Reputational risks due to public evidence of misuse of collected personal data

4% is the percentage of turnover

that defines the ceiling for the regulator's combined penalties for non-compliance with GDPR rules

GDPR.eu (2021)

97% of companies expect an increase

in data privacy spending in the coming year, with an average increase of 50%

IBM (2020)

79% of Americans are not entirely sure

whether companies would admit mistakes or take responsibility for misuse or compromise of their personal data, and 69 per cent express doubts about their data being used for purposes they would welcome

Pew Researcher Center (2019)

Solution

The cloud data platform exploits the peculiarities of the cloud to acquire, transform, store and make accessible a potentially unlimited amount of data, reducing operational costs and increasing development agility.

Once acquired in batch or real-time mode, the data is stored and consolidated within the data lake by on-demand integration processes.

On top of the data lake consisting of a scalable and cost-effective storage system (i.e. object storage), query engines are grafted to access the data. Depending on the type of access pattern, it is possible to have different types of query engines.

It is also possible to have a data visualization tool to provide analytical consumers with a single semantic data access layer, thus masking the underlying fragmentation into multiple query engines.

The full route

1. Foundation

Infrastructure setup; at-rest encryption of all data; de-identification for entities containing higher risk information for a limited set of personal data types (e.g. email and credit cards)

2. Govern

Integration with governance tools for defining data types and protection requirements; use of discovery tools for data whose type of information is not known in advance; drill-down of roles to specify Row-Level and Column Level security rules for each entity

3. Expand

Expand coverage to other entities and data types