To comply with GDPR, you first need to know where your data is. Find out how the CloverETL Harvester can crawl all data across your organization and tell you where you have Personally Identifiable Information (PII)
To find out more, just drop us a line: www.cloveretl.com/harvester-find-out-more
2. 3 Sides of GDPR
To comply with GDPR regulations, you need to
look at 3 different parts of your business.
The legal side
Are all your consent forms, paperwork, etc.
complying with what GDPR requires?
The processes you manage
What are you doing with sensitive data now,
and how might that need to change?
The data itself
Do you know what sensitive data you
actually have? And where?
If you don’t know and understand your data, you might build your legal and process
changes on faulty assumptions — failing to comply without even knowing.
Legal
Data
Process
1
2
3
3. To be able to manage your data properly, you first need to know where it is.
Just because a field in your database isn’t labelled as Personally Identifiable
Information (PII), it doesn’t mean that it doesn’t contain any.
Knowing Where Your Data Is
PROBLEM 1
THE PII MAP How It Works
The CloverETL Harvester can crawl all your
data, and tell you where you really have PII.
The Harvester builds a complete map of
where your sensitive data exists.
Harvester is first “trained” on sensitive
domains and data samples
Profiles your data and reports statistics
on the sensitive matches including
weighting scores
Our analysts then finish the process by
examining and polishing the results
1
2
3
4. Anonymizing your data can be a way of complying with GDPR in certain
scenarios. Simple anonymization (like masking PII with ‘*’) can limit the usability
of data, so instead, enter pseudonymization:
Anonymization
PROBLEM 2
ANONYMIZATION ENGINE
Pseudoanonymization processes can break the link between personal info and
other data, but retain some of the data’s previous qualities
The anonymisation engine also enables extension of GDPR compliance to
broader use of your data – for example sharing portions of pseudoanonymized
data as reliable test data sets with software vendors
5. Data consent under GDPR is about to get complicated. Various levels of consent
need to be managed across a multitude of applications, reflecting consumer
requests to withdraw or modify their preferences at any time.
Managing Consent
PROBLEM 3
DATA CONNECTIONS
CloverETL helps manage data across applications, so consent information can be
centralized and shared from a single source of truth
New connections can be built between applications so each aspect of the
organization is using the same, accurate information to ensure compliance
6. With new rights for consumers to manage their data, it’s likely organizations
will find themselves handling many more requests to change consent or delete
data (the ‘right to be forgotten’). It will be hard, if not impossible, to continue
handling these manually.
Executing Data Rights
PROBLEM 4
AUTOMATIC PROCESSING
With the PII Map, it becomes easy to see exactly where information about a data
subject sits, so changes can be implemented properly
CloverETL enables processes to be set up that automate fulfillment of consent
changes, with little or no human interaction - both saving time and eliminating
(potentially costly) errors
7. Under GDPR, organizations are required to maintain audit trails of every data
interaction – where the data came from, what happens to it and where it’s
being shipped to.
Reporting and Auditing
PROBLEM 5
COMPLETE DATA HISTORY
CloverETL’s reporting and audit capabilities can automatically log
all interactions with sensitive data
Audit trails can be built easily, showing the complete history of your
data’s journey
8. Start Now
With our help and technology, we can solve the data part of GDPR for you.
Get complete understanding of
all your data and back your new
compliance business processes
with dependable, transparent
and automated data pipelines.
Legal
Data
Process
C o n t a c t C l o v e r E T L