Andrew Chumney, Single View Solutions Manager, Pitney Bowes with Navneet Mathur, Senior Director of Global Solutions, Neo4j and Alex Batanov, Field Engineer, Neo4j: Europe’s General Data Protection Regulation (GDPR) will go into effect in less than a year and all companies holding data on European residents will be required to comply. Are you prepared?
Watch this webinar to understand how graph-based metadata is the best guide for organizations and IT departments to use on their path to compliance.
4. GDPR – The Mile-High Summary
• EU’s General Data Protection Regulation enforces that:
• Personal Data belongs to the Individuals and they have the right to ensure it is protected. GDPR is about protection of Personal Data of European residents.
• Applies to any organization (large or small) that does business in EU and has personal data of EU residents.
• Ratified in April 2016
• US Companies may relate to this as PII (Personally Identifiable Information) data
Ninety-two percent of U.S. multinational companies cited compliance with the looming General Data Protection Regulation (GDPR) as a top data protection priority, according to new research from PwC. Sixty-eight percent are earmarking between $1 million and $10 million on GDPR readiness and compliance efforts, with 9 percent expecting to spend over $10 million – Jay Cline, PwC’s U.S. privacy leader
49% of respondents say “no one” is pushing GDPR preparation, 29% say legal department, 14% say Management, 8% say IT - Imperva Survey @ RSA 2017
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC
5. GDPR will impact your business
- Liability
• Fines amount to 4% of the global turnover (revenue) or €20M whichever is higher, for each instance of breach
• Talk of adding Personal Liability for the officers of the company
• Among the proposals for the U.K.’s new Digital Economy Bill (the Bill), due to become law next spring, is one under which company directors would become personally liable for payment of fines as a result of nuisance calls being made by their companies.
Google fined record €2.4bn by EU over [manipulating] search engine results
NHS illegally handed Google firm [AI] 1.6m patient records, UK data watchdog finds
10. Great! so what do we really need to do?
• Implement a data governance platform
• Data definition via business glossary mapped to implementation detail
• Tracking create / update / access / deletes of data
• Tying relevant processes that operate on regulated data
• Building reverse lineage capability to map the data flow
• Define data lifecycle management process and policies
• Implement a visual dashboard of KPIs
• Provide a portal and programmatic interface for individuals
• access/update their data, provide/revoke consent, transfer data & view rights
• Create a regulatory governance steering group led by DPO
13. Key to Unlocking Data Hub Value
Traditional approach
• Rigid data models tied to RDBMS lack agility – Complex to model and store natural relationships
• Overly structured schemas force the business to know all the questions up-front – Maintenance is painful, time based data accumulations are difficult
Graph Based approach
• Dynamic Schema – Iterative data discovery allows for continuous relationship additions and data node creation
• Richer Output – Highly connected entities allow for dynamic search, analysis and time based assessments
[Diagram: graph of Firm, Individual, Account and Location nodes connected by "owns", "lives at", "owns" and "has" relationships]
22. Data Stewardship and Governance
[Diagram: Initial Spectrum Dataflow, Business Steward Portal, Exception Repository, Exception Reprocessing Dataflow]
Value
• Provides a governance process to manage the compliance of every data source
• Provides a single point to effectively manage and analyze exceptions
• Provides dashboard and reporting capabilities to quickly see data issues
24. “Why Neo4j”: What We Hear From Users
ACID Transactions
• ACID transactions with causal consistency
• Neo4j Security Foundation delivers enterprise-class security and control
Performance
• Index-free adjacency delivers millions of hops per second
• In-memory pointer chasing for fast query results
Agility
• Native property graph model
• Modify schema as business changes without disrupting existing data
Developer Productivity
• Easy to learn, declarative openCypher graph query language
• Procedural language extensions
• Open library of procedures and functions APOC
• Neo4j support and training
• Worldwide developer community
… all backed by Neo’s track record of leadership and product roadmap
Hardware Efficiency
• Native graph query processing and storage requires 10x less hardware
• Index-free adjacency requires 10x less CPU
26. How to get Started
- Suggested Approach
Determine applicability
• Review regulation
• Do you offer goods or services to people in the EU?
• Do you monitor behavior (including online activity) of people residing in the EU?
• Do you process personal data on EU residents on behalf of a company based in the EU?
Assess
• Evaluate regulatory requirements,
• Evaluate current process and data movements to determine control points
• Assess organizational capabilities
• Understand the financial and operational consequences
Implement
• Data Governance Platform
• Data Lineage Capability
• Connected Graph of People, access & control points, processes, locations, etc.
• Portal & programmatic access for individuals
• DPO role & processes
Comply by May 25, 2018
• Notify individuals
• Notify regulators
• Publish summarized assessment and implementation report
• Provide management and board risk and impact assessment report
People Process Technology