Skip to content

IQ International Webinars:


Topic:

Data Quality integration to manage Data Privacy better

Abstract:

Today, the current need of organizations is to de-lineate Data Privacy from Information Privacy to achieve compliance with regulations like GDPR and to manage data related risks better. Further, Data Privacy services need to be set up and aligned with the Chief Data Office. In this webinar, we would look at the principles of data privacy to understand the level of integration required with Data Quality. Further, we will also understand the dimensions of data quality that are necessitated by Privacy management.
This webinar will discuss

  • De-lineating Data Privacy and Information Privacy
  • Data Quality needs to manage Data Privacy
  • Achieving Cross Enterprise Governance between Dimensions
  • Integrating Data privacy into Data or Risk Management
  • Practical advice on certain challenges

Date recorded:

17 January 2017

Q&A:

Question-1

Does a profile for a privacy classified data element need to be stored in metadata repository.

Tej's response

The data element can be looked up for it's characterstics using querying or profiling capabilities. The profile of the data element needs to be defined from the characterstics (what can be called as required mix, max values or currency of the data required, timeliness or precision). This can be embedded in the meta-model or can be linked to a tool where the profile can be stored.It is not required to store the characteristics of the data as and when the data quality rules are run and would be an overkill.

Along with the thresholds, the data rules including data quality rules need to be stored in the data dictionaries. Most meta-models leverage this for the extended use for specializing the data rules for a project or context like reporting or BI.

Question-2

What happens to data that has been collected without customer consent

Tej's response

If data is collected without consent, the same needs to be decayed. If there is historical customer PII data existing with loss of consents but there is a need to apply it for a purpose; a privacy notice for consent can be sent to the customer. Based on the consent the data needs to be applied or decayed but restrictions might apply on storing data without consents. One can refer to Gramm–Leach–Bliley Act (GLBA) for more information.

Question-3

If Data is aggregated - how does classification work in this scenario.

Tej's response

Let us think that in this scenario, privacy classification for a data element like SSN or Address has been labeled as "Highly Restricted" or "Direct client identifying". One can apply the highest classification when data is aggregated in context or use a weighted criteria. The controls as requirements from Privacy, thereby will apply.

Recording:

 

Speakers:

Page not found - IQ International
Skip to content

It looks like nothing was found at this location. Maybe try one of the links below or a search?

Archives

Try looking in the monthly archives. 🙂

Moderator:

Page not found - IQ International
Skip to content

It looks like nothing was found at this location. Maybe try one of the links below or a search?

Archives

Try looking in the monthly archives. 🙂



About IQ International Webinars:

An IQ International Webinar is a moderated webinar open to all, designed to serve as discussion platform for the data and information quality community. The webinars are supported and organized by IQ International -- the International Association for Information and Data Quality. IQ International seeks to engage experts with experience and expertise in the field of data and information quality.

Please join us for this exciting 60 minute event free of charge, but seating is limited to first 200 respondents. Hence, hurry up and register today

After registering you will receive a confirmation email containing information about joining the Webinar