Comprehensive data management framework aids in GDPR compliance
Because the privacy function is executed across the enterprise wherever personal data is managed, compliance with the upcoming General Data Protection Regulation is only achievable when a comprehensive data management framework is in place.
That’s the key finding of a new study from The EDM Council, a non-profit trade association that promotes the practice of data management as a business and operational priority.
The council said using its Data Management Capability Assessment Model can provide the structure and critical capabilities needed to support the data and data management requirements of GDPR compliance.
The report, “General Data Protection Regulation (GDPR): The Role of Data Management,” describes the data management best practices needed to help organizations from all industries comply with GDPR, said John Bottega, executive director of the EDM Council. “This is an important example of how the EDM Council continues to collaborate with industry experts in order to bring value to its members and to all industries impacted by GDPR.”
The report is timely, given the impending GDPR deadline of May 25, 2018 and the risks of non-compliance being as high as 4 percent of annual global revenue. Despite the risks, many organizations remain unprepared, the council said.
The EDM Council report, along with two supporting documents, “GDPR Requirements Analysis Quick Reference Guide” and the “GDPR Work Group Analysis Worksheet,” are available at www.edmcouncil.org.