Hidden Data Within My Organization
Submitted by BDO, a partner of M&A Leadership Council
Data volumes continue to grow despite efforts to reduce digital footprints across the organization. Wherever you look, every part of your organization stores data. Do you know where your EU personal data resides? Can you easily find it, correct it, provide a copy of it to a data subject, or even delete it? As discussed in BDO’s GDPR Checklist, the first step is to identify relevant business processes, systems, and data sets likely to contain personal data. The second step is to determine which data sets contain EU personal data belonging to EU “data subjects”.
As part of the initial step of identifying relevant data sets, consider where data might be hiding by assessing individual departments and locations. In this article, we identify two buckets for you to consider: “suspected culprits” and “the ones who almost got away”. As we have been working through our clients’ readiness and implementation steps, we have identified certain departments that consistently store large amounts of data that may be impacted by GDPR that were not effectively considered in the first or second evaluations of the organizations’ data.
