About a-team Marketing Services

A-Team Insight Blogs

GDPR Week One: Outstanding Data Management Challenges and a Quick Start Solution

Subscribe to our newsletter

The May 25, 2018 deadline for General Data Protection Regulation (GDPR) may have come and gone, but the compliance journey is only just beginning as firms review systems built to get them over the line and plan more robust and sustainable solutions that can support a cost-efficient response to data subject access requests and accommodate regulatory change over the long term.

The outstanding data management issues of GDPR and the potential of a Quick Start solution for firms within the scope of the regulation were discussed during an A-Team Group webinar this week. The webinar was moderated by Sarah Underwood, editor of A-Team’s Data Management Review and joined by Hany Choueiri, GDPR consultant at AON; Craig Taylor, an independent consultant and former GDPR programme manager; Jennifer Shorten, technical delivery architect, EMEA, at MarkLogic; and Chris Atkinson, solutions architect, EMEA, at MarkLogic.

The webinar opened with an audience poll that set the scene on compliance levels in capital markets. Some 39% of respondents said they were somewhat compliant with GDPR on the compliance deadline, 26% were completely compliant, 22% were close to compliance, 9% could show intent, and 4% were not at all compliant.

Noting a predominantly positive response to the poll question, Choueiri said: “GDPR has not been a tick box exercise for most financial services firms. It has been hard work and has put data privacy at the heart of organisations. It is also a journey, with firms having ongoing compliance plans through 2018 and beyond.”

A second audience poll asked the webinar audience which are the toughest, ongoing GDPR data management challenges. Getting consent to use personal data topped the poll results with 52% of respondents citing it as a challenge. Some 48% cited identifying personal data, 44% providing access to personal data, 37% storing personal data, and 33% keeping personal data up to date. Reflecting on the poll results, Taylor commented: “It’s difficult to get visibility of all data subjects across all systems. The right to be forgotten is also a challenge and asks open questions on how far firms must go to comply. Must data be deleted, or could it be marked as not to be used?”

Considering GDPR solutions, Atkinson noted the need for a client centric view of personal data coupled to strong data governance. Shorten noted that if firms run data governance across systems rather than focussing on data subjects, there is a chance that they won’t be compliant.

Atkinson went on to describe MarkLogic’s GDPR Quick Start solution that supports compliance, delivers a 360-degree view of clients and can be up and running in four weeks. He explained: “Large and small firms typically aggregate data across multiple systems. Quick Start adds a layer of consent management on top of the aggregated data and uses event management techniques to maintain a composite record of consent across systems. This provides a 360 view of clients.” Among other features, the solution includes white, grey and black lists of data identifying what personal data can and cannot be used based on data subjects’ consents.

On the opportunities beyond GDPR compliance of a 360 view of clients, Shorten commented: “The client data can be anonymised and used for purposes such as gaining business insight.” Summing up GDPR requirements and offering some final advice to data practitioners working on the regulation, she concluded: “Know where personal data is, not just where it might be, and find a solution that supports data mapping. The winners will be firms that can comply with GDPR and maintain the agility needed to innovate, change and grow.”

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: How to ensure employees meet fit and proper requirements under global accountability regimes

Date: 17 September 2024 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Fitness and proprietary requirements for employees of financial institutions are not an option, but a regulatory obligation that calls on employers to regularly assess employees’ honesty, integrity and reputation, competence and capability, and financial soundness. In the UK, these...

BLOG

Regulated Firms that Don’t Trust Electronic Identification Verification Risk Financial Crime

More than 36% of people in regulated firms who ‘can’t trust’ electronic identity verification technology and instead rely on manual checks are leaving their doors open to financial crime, according to research by anti-money laundering specialist SmartSearch. This statistic, from SmartSearch’s 2023 annual survey of 500 compliance stakeholders across financial, accountancy, property and legal services,...

EVENT

TradingTech Summit London

Now in its 14th year the TradingTech Summit London brings together the European trading technology capital markets industry and examines the latest changes and innovations in trading technology and explores how technology is being deployed to create an edge in sell side and buy side capital markets financial institutions.

GUIDE

High Performance Technologies for Trading

The highly specialised realm of high frequency trading without doubt is a great driver for a range of high performance technologies that are becoming essential tools for Wall Street. More so than the now somewhat pedestrian algorithmic trading and analytics/pricing applications that are usually cited as the reason that HPC is hitting the financial markets,...