SlideShare una empresa de Scribd logo

Information Quality And Data Protection

Descargar como PPTX, PDF
C
Castlebridge Associates

Information Quality is often seen as just another problem in organisations, as is Data Protection. In this presentation, Daragh O Brien of the IAIDQ explains how both issues are closely related and how by taking an "Information Quality Eye" approach to Data Protection you can ensure that your organisation benefits from both better quality and better protection.

EmpresarialesTecnología
1 de 29
Information Quality and Data Protection Two sides of the same coin
Introduction About me, about the presentation
About Me Defining & Implementing an effective Data Quality Since 2004 Author of Strategy, Ark Group 2008 (ISBN 978-1-906355-14-2) Since 2005 Regular contributor to ComputerScope Magazine, Running Your Business (Magazine of Irish Small Firms Association) , and the IADQ Newsletter Since 2005 (www.iaid.org/publications) Since 2008 •Graduate of UCD Faculty of Law (Business & Legal Studies), •Lecturer in Legal Regulation for Information Systems, European Masters in Business Informatics, Dublin City University
About Me Winner in 2008 of an Obsessive Blogger award from one of the leading Irish Blogging Communities for my writing on my personal blog (http://obriend.info) and elsewhere about Information Quality topics.
About this Presentation Crash course in first principles  Data Protection   European rules… US rules are different and have over a dozen different discrete State and Federal laws that tackle specific instances of issues…. Information Quality  Basic principles (very elementary)  Analysis  Relevance of Information Quality to Data Protection  Relevance of Data Protection to Information Quality  Conclusion  A detailed handout is available to accompany these slides.
First: Principles Some fundamentals. Made fun. Not mental.
Conclusion Data Protection and Information Quality are inextricably  linked Approaching your Data Protection obligations with an  “Information Quality Eye” will ensure improved capability to comply with regulation while also ensuring information in your organisation is of the highest possible quality, ensuring customer satisfaction and avoiding other regulatory risks. Viewing Information Quality and Data Protection as two  „silo‟ problems deprives you of the potential to add greater value to your organisation while managing privacy/data protection risks.
Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
Fundamental Data Protection Principles Obtain the information fairly  Use only for purposes for which it was obtained  Process it only in ways compatible with the purposes  for which it was given to you initially Keep it safe and secure  Ensure that the information is accurate, relevant, and  not excessive Retain it for no longer than is necessary for the  stated purposes Give a copy of the information held by you relating to  them to an individual when requested
Fundamental Data Protection Principles Obtain the information fairly  Use only for purposes for which it was obtained  Process it only in ways compatible with the purposes  for which it was given to you initially Keep it safe and secure  Ensure that the information is accurate, relevant, and  not excessive Retain it for no longer than is necessary for the  stated purposes Give a copy of the information held by you  relating to them to an individual when requested
Data Protection SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. Give a copybe for the controller to ensure by you relating to them to an individual when 2. It shall of the information held that paragraph 1 is complied with. requested
Example of a Bad Data Protection Practice “Sign up for a raffle” Lots of personal data… Left completely unattended, along with a box full of more sheets like this one…
Data Protection & Information Quality Mapping the Relationship…
Information Quality Meeting or exceeding information consumer expectations Reducing variation around a mean for the performance and perceived value of an information product Beauty is in the eye of the beholder
Information Quality Data and Information are of high quality if they are fit for their uses (by customers) in operations, decision- making, and planning. They are fit for use when they are free of defects and possess the features needed to complete the operation, make the decision, or complete the plan. Joseph Juran
Information Quality What he said… only the view of the customer needs to be broad enough in your organisation… Is having your data lost or stolen a “feature” of the service you are buying? Dr Tom Redman
Setting & Meeting Expectation 1 Obtain and process the information fairly Setting Expectation Keep it only for one or more specified and 2 Setting Expectation lawful purposes Process it only in ways compatible with the 3 purposes for which it was given to you Meeting Expectation initially 4 Keep it safe and secure Meeting Expectation 5 Keep it accurate and up to date Meeting Expectation Ensure information is accurate, relevant and 6 Meeting Expectation not excessive Retain information for no longer than is 7 Meeting Expectation necessary for the stated purposes Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request
Planning to meet expectations Quality of an asset (product, finance, people) is achieved through •Planning •Control •Improvement Joseph Juran
Asset Life Cycle – POSMAD Model Asset Store/Shar Plan Obtain Maintain Apply Dispose Life e Cycle What are our Are we using the What info do I Where/how will Do we have a How will we get process to info for purposes need to we store this retention policy „maintain‟ the it? identified @ capture? info? for this data? information? PLAN How are we How will we Can we find it Do we work Questions you might ask Why do we keeping our Do we retain this communicate again when with our need it? information up data at all? Hows & whys? needed? suppliers/data to date? service What are the Are we storing How are we providers to How do we processes we‟ll What will we the same data correcting ensure they dispose of our old use it for? use to get this many times in errors in our have adequate data? info? many places? data? procedures in What‟s our plan Will these Do our staff place to protect for ensuring Does our data Who will we processes know how/why the data we data integrity become share it with? capture quality we keep info hold on trust? (relating all our “excessive” over info? up to date? records)? time , even if it Will the Do our metrics was appropriate processes Is our data Do we protect Why would we and processes at the time it create poor storage copies of data share it? support this was captured? quality secure? on laptops etc? objective? information? What Is our data Can we find it Am I capturing processes will Is our data storage when we need too much info? we have to find disposal secure? secure? it? and fix errors? DP 1,2,3,5,6,7 1.2,3,4,5,6 1.2,3,4,5,6, 1,3,5,6 4,7,8 1,3,5,6,8 Principle ,8 ,8 7 s
Example of a Bad Data Protection Practice “Sign up for a raffle” Lots of personal data… Left completely unattended, along with a box full of more sheets like this one…
Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request A needle in a haystack? Find ALL the data you have about ONE specific person based just on their name, address, other identifying data… not necessarily an account number or other unique reference. For example: Daragh O Brien, 13 Any Street, Anytown, Ireland.
Why did I get into Information Quality (an old slide, but a good slide) Daragh  Darragh  Dara  Darra  Daire  Darach  Darrach  Dáire  Daira  Daireach  Gender?  Male or Female  SPELLING DOES NOT give a clue  Confusion  Often miskeyed as TARA (definitely female)  Often confused with Darren (male) or Daryl (male or female)  Also confused with Daria (female)  Also confused with Dora (female)  O Brien  NOT O‟Brien (anglicised version of gaelic name)  Also use O Briain (proper Irish language spelling)  Will accept O‟Brien (mainly out of laziness at this stage)  Grew up on “Foxfield St. John”  Data cleansing software often changes this to “Foxfield Street John”  Or “St. John‟s, Foxfield” 
Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request Lots of data repositories? Which haystack?
Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request Potential duplicate records? Which needle?
Conclusion
Conclusion  Information is an asset  Its quality can be managed and improved just like any other asset.  It should be protected like  Data Protection and Information Quality are inextricably linked
Conclusion Approaching your Data Protection obligations  with an “Information Quality Eye” will ensure improved capability to comply with regulation while also ensuring information in your organisation is of the highest possible quality, ensuring customer satisfaction and avoiding other regulatory risks. Viewing Information Quality and Data Protection  as two „silo‟ problems deprives you of the potential to add greater value to your organisation while managing privacy/data protection risks.

Recomendados

TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc
 
GDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewGDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewErnest Staats
 
Information Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesInformation Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesCraig Adams
 
Data protection training emea new joiners. mandatory quiz
Data protection training emea new joiners. mandatory quizData protection training emea new joiners. mandatory quiz
Data protection training emea new joiners. mandatory quizDeborahchiesa
 
Avoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by DesignAvoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by Designbradley_g
 
GDPR and Hadoop
GDPR and HadoopGDPR and Hadoop
GDPR and HadoopJanosch Woschitz
 
Data protection Act - Key Terms
Data protection Act - Key TermsData protection Act - Key Terms
Data protection Act - Key TermsDouglas Nderitu
 
Dataprotectionactnew13 12-11-111213033116-phpapp02
Dataprotectionactnew13 12-11-111213033116-phpapp02Dataprotectionactnew13 12-11-111213033116-phpapp02
Dataprotectionactnew13 12-11-111213033116-phpapp02tinkusing
 

Recomendados

TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data GraveyardsTrustArc
 
GDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewGDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewErnest Staats
 
Information Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesInformation Governance Maturity for Financial Services
Information Governance Maturity for Financial ServicesCraig Adams
 
Data protection training emea new joiners. mandatory quiz
Data protection training emea new joiners. mandatory quizData protection training emea new joiners. mandatory quiz
Data protection training emea new joiners. mandatory quizDeborahchiesa
 
Avoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by DesignAvoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by Designbradley_g
 
GDPR and Hadoop
GDPR and HadoopGDPR and Hadoop
GDPR and HadoopJanosch Woschitz
 
Data protection Act - Key Terms
Data protection Act - Key TermsData protection Act - Key Terms
Data protection Act - Key TermsDouglas Nderitu
 
Dataprotectionactnew13 12-11-111213033116-phpapp02
Dataprotectionactnew13 12-11-111213033116-phpapp02Dataprotectionactnew13 12-11-111213033116-phpapp02
Dataprotectionactnew13 12-11-111213033116-phpapp02tinkusing
 
Symantec Data Insight for Storage
Symantec Data Insight for StorageSymantec Data Insight for Storage
Symantec Data Insight for StorageSymantec
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013Symantec
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!cisoplatform
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambethThe Integrate Agency CIC
 
Complying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical GuideComplying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical GuideDaniel Li
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
 
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014kevintsmith
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersTravis Greene
 
Maximize the Business Value of Your Information
Maximize the Business Value of Your Information Maximize the Business Value of Your Information
Maximize the Business Value of Your Information Iron Mountain
 
A Little Security For Big Data
A Little Security For Big DataA Little Security For Big Data
A Little Security For Big DataSaurabh Kheni
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Khaled El Emam
 
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...IJSRD
 
Webinar Win In Court V3
Webinar Win In Court V3Webinar Win In Court V3
Webinar Win In Court V3J. David Morris
 
Data Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive dataData Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive dataOpenAIRE
 
J017536064
J017536064J017536064
J017536064IOSR Journals
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonUlf Mattsson
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Ltd
 
Information Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data MiningInformation Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data Miningwanani181
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...pdesrochers
 
Information Governance Outcomes and Benefits
Information Governance Outcomes and BenefitsInformation Governance Outcomes and Benefits
Information Governance Outcomes and BenefitsHoward Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 

Más contenido relacionado

La actualidad más candente

Symantec Data Insight for Storage
Symantec Data Insight for StorageSymantec Data Insight for Storage
Symantec Data Insight for StorageSymantec
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013Symantec
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!cisoplatform
 
Complying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical GuideComplying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical GuideDaniel Li
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
 
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014kevintsmith
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersTravis Greene
 
Maximize the Business Value of Your Information
Maximize the Business Value of Your Information Maximize the Business Value of Your Information
Maximize the Business Value of Your Information Iron Mountain
 
A Little Security For Big Data
A Little Security For Big DataA Little Security For Big Data
A Little Security For Big DataSaurabh Kheni
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Khaled El Emam
 
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...IJSRD
 
Data Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive dataData Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive dataOpenAIRE
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonUlf Mattsson
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Ltd
 
Information Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data MiningInformation Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data Miningwanani181
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data miningharithavijay94
 

La actualidad más candente (20)

Symantec Data Insight for Storage
Symantec Data Insight for StorageSymantec Data Insight for Storage
Symantec Data Insight for Storage
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013Symantec Data Insight 4.0 July 2013
Symantec Data Insight 4.0 July 2013
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambeth
 
Complying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical GuideComplying with Singapore Personal Data Protection Act - A Practical Guide
Complying with Singapore Personal Data Protection Act - A Practical Guide
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
 
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
Big Data Security and Privacy - Presentation to AFCEA Cyber Symposium 2014
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
 
Maximize the Business Value of Your Information
Maximize the Business Value of Your Information Maximize the Business Value of Your Information
Maximize the Business Value of Your Information
 
A Little Security For Big Data
A Little Security For Big DataA Little Security For Big Data
A Little Security For Big Data
 
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
Big Data Meets Privacy:De-identification Maturity Model for Benchmarking and ...
 
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
A Survey Paper on an Integrated Approach for Privacy Preserving In High Dimen...
 
Webinar Win In Court V3
Webinar Win In Court V3Webinar Win In Court V3
Webinar Win In Court V3
 
Data Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive dataData Processing - data privacy and sensitive data
Data Processing - data privacy and sensitive data
 
J017536064
J017536064J017536064
J017536064
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
 
Information Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data MiningInformation Security in Big Data : Privacy and Data Mining
Information Security in Big Data : Privacy and Data Mining
 
Information security in big data -privacy and data mining
Information security in big data -privacy and data miningInformation security in big data -privacy and data mining
Information security in big data -privacy and data mining
 

Destacado

Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...pdesrochers
 
Do’s and Don’ts of Employee Recordkeeping
Do’s and Don’ts of Employee RecordkeepingDo’s and Don’ts of Employee Recordkeeping
Do’s and Don’ts of Employee RecordkeepingHR 360, Inc.
 
From Asset to Impact - Presentation to ICS Data Protection Conference 2011
From Asset to Impact - Presentation to ICS Data Protection Conference 2011From Asset to Impact - Presentation to ICS Data Protection Conference 2011
From Asset to Impact - Presentation to ICS Data Protection Conference 2011Castlebridge Associates
 
Three dimensions of information systems
Three dimensions of information systemsThree dimensions of information systems
Three dimensions of information systemsSuleyman Ally
 

Destacado (7)

Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
Recordkeeping Directive 101: Everything you wanted to know, but were too afra...
 
Information Governance Outcomes and Benefits
Information Governance Outcomes and BenefitsInformation Governance Outcomes and Benefits
Information Governance Outcomes and Benefits
 
Do’s and Don’ts of Employee Recordkeeping
Do’s and Don’ts of Employee RecordkeepingDo’s and Don’ts of Employee Recordkeeping
Do’s and Don’ts of Employee Recordkeeping
 
Daragh O Brien 2014 IAIDQ presidency
Daragh O Brien 2014 IAIDQ presidencyDaragh O Brien 2014 IAIDQ presidency
Daragh O Brien 2014 IAIDQ presidency
 
Introduction to Information Quality
Introduction to Information QualityIntroduction to Information Quality
Introduction to Information Quality
 
From Asset to Impact - Presentation to ICS Data Protection Conference 2011
From Asset to Impact - Presentation to ICS Data Protection Conference 2011From Asset to Impact - Presentation to ICS Data Protection Conference 2011
From Asset to Impact - Presentation to ICS Data Protection Conference 2011
 
Three dimensions of information systems
Three dimensions of information systemsThree dimensions of information systems
Three dimensions of information systems
 

Similar a Information Quality And Data Protection

Privacy Advisory Service
Privacy Advisory ServicePrivacy Advisory Service
Privacy Advisory ServiceIron Mountain
 
ISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentMohammed J. Khan
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionAtlas_Cloud
 
Effective Information Management V2 18sep2008
Effective Information Management V2 18sep2008Effective Information Management V2 18sep2008
Effective Information Management V2 18sep2008Collabor8now Ltd
 
Part 3 - Data Protection Principles.pdf
Part 3 - Data Protection Principles.pdfPart 3 - Data Protection Principles.pdf
Part 3 - Data Protection Principles.pdfkiruthigajawahar6
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
 
Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000n|u - The Open Security Community
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...TrustArc
 
ISSA Data Retention Policy Development
ISSA Data Retention Policy DevelopmentISSA Data Retention Policy Development
ISSA Data Retention Policy DevelopmentBill Lisse
 
Australia Privacy Act of 1988
Australia Privacy Act of 1988Australia Privacy Act of 1988
Australia Privacy Act of 1988termsfeed
 
Auditing your EU entities for data protection compliance 5661651 1
Auditing your EU entities for data protection compliance 5661651 1Auditing your EU entities for data protection compliance 5661651 1
Auditing your EU entities for data protection compliance 5661651 1rtjbond
 
Security Industry Association Privacy Framework
Security Industry Association Privacy FrameworkSecurity Industry Association Privacy Framework
Security Industry Association Privacy Framework- Mark - Fullbright
 
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...Blancco
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectJohn Macasio
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
Legal And Regulatory Dp Challenges For The Financial Services Sector
Legal And Regulatory Dp Challenges For The Financial Services SectorLegal And Regulatory Dp Challenges For The Financial Services Sector
Legal And Regulatory Dp Challenges For The Financial Services SectorMSpadea
 

Similar a Information Quality And Data Protection (20)

pr Privacy Principles 230405 small.pdf
pr Privacy Principles 230405 small.pdfpr Privacy Principles 230405 small.pdf
pr Privacy Principles 230405 small.pdf
 
Privacy Advisory Service
Privacy Advisory ServicePrivacy Advisory Service
Privacy Advisory Service
 
ISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP Alignment
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and Protection
 
week 7.pptx
week 7.pptxweek 7.pptx
week 7.pptx
 
Effective Information Management V2 18sep2008
Effective Information Management V2 18sep2008Effective Information Management V2 18sep2008
Effective Information Management V2 18sep2008
 
Part 3 - Data Protection Principles.pdf
Part 3 - Data Protection Principles.pdfPart 3 - Data Protection Principles.pdf
Part 3 - Data Protection Principles.pdf
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
Lecture 6 data protection and access to client records
Lecture 6 data protection and access to client recordsLecture 6 data protection and access to client records
Lecture 6 data protection and access to client records
 
Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
 
ISSA Data Retention Policy Development
ISSA Data Retention Policy DevelopmentISSA Data Retention Policy Development
ISSA Data Retention Policy Development
 
Australia Privacy Act of 1988
Australia Privacy Act of 1988Australia Privacy Act of 1988
Australia Privacy Act of 1988
 
Auditing your EU entities for data protection compliance 5661651 1
Auditing your EU entities for data protection compliance 5661651 1Auditing your EU entities for data protection compliance 5661651 1
Auditing your EU entities for data protection compliance 5661651 1
 
Gdpr brief and controls ver2.0
Gdpr brief and controls ver2.0Gdpr brief and controls ver2.0
Gdpr brief and controls ver2.0
 
Security Industry Association Privacy Framework
Security Industry Association Privacy FrameworkSecurity Industry Association Privacy Framework
Security Industry Association Privacy Framework
 
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It...
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data Subject
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
Legal And Regulatory Dp Challenges For The Financial Services Sector
Legal And Regulatory Dp Challenges For The Financial Services SectorLegal And Regulatory Dp Challenges For The Financial Services Sector
Legal And Regulatory Dp Challenges For The Financial Services Sector
 

Último

Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 

Último (20)

Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 

Information Quality And Data Protection

  • 1. Information Quality and Data Protection Two sides of the same coin
  • 2. Introduction About me, about the presentation
  • 3. About Me Defining & Implementing an effective Data Quality Since 2004 Author of Strategy, Ark Group 2008 (ISBN 978-1-906355-14-2) Since 2005 Regular contributor to ComputerScope Magazine, Running Your Business (Magazine of Irish Small Firms Association) , and the IADQ Newsletter Since 2005 (www.iaid.org/publications) Since 2008 •Graduate of UCD Faculty of Law (Business & Legal Studies), •Lecturer in Legal Regulation for Information Systems, European Masters in Business Informatics, Dublin City University
  • 4. About Me Winner in 2008 of an Obsessive Blogger award from one of the leading Irish Blogging Communities for my writing on my personal blog (http://obriend.info) and elsewhere about Information Quality topics.
  • 5. About this Presentation Crash course in first principles  Data Protection   European rules… US rules are different and have over a dozen different discrete State and Federal laws that tackle specific instances of issues…. Information Quality  Basic principles (very elementary)  Analysis  Relevance of Information Quality to Data Protection  Relevance of Data Protection to Information Quality  Conclusion  A detailed handout is available to accompany these slides.
  • 6. First: Principles Some fundamentals. Made fun. Not mental.
  • 7. Conclusion Data Protection and Information Quality are inextricably  linked Approaching your Data Protection obligations with an  “Information Quality Eye” will ensure improved capability to comply with regulation while also ensuring information in your organisation is of the highest possible quality, ensuring customer satisfaction and avoiding other regulatory risks. Viewing Information Quality and Data Protection as two  „silo‟ problems deprives you of the potential to add greater value to your organisation while managing privacy/data protection risks.
  • 8. Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
  • 9. Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
  • 10. Data Protection DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. 2. It shall be for the controller to ensure that paragraph 1 is complied with.
  • 11. Fundamental Data Protection Principles Obtain the information fairly  Use only for purposes for which it was obtained  Process it only in ways compatible with the purposes  for which it was given to you initially Keep it safe and secure  Ensure that the information is accurate, relevant, and  not excessive Retain it for no longer than is necessary for the  stated purposes Give a copy of the information held by you relating to  them to an individual when requested
  • 12. Fundamental Data Protection Principles Obtain the information fairly  Use only for purposes for which it was obtained  Process it only in ways compatible with the purposes  for which it was given to you initially Keep it safe and secure  Ensure that the information is accurate, relevant, and  not excessive Retain it for no longer than is necessary for the  stated purposes Give a copy of the information held by you  relating to them to an individual when requested
  • 13. Data Protection SECTION I PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use. Give a copybe for the controller to ensure by you relating to them to an individual when 2. It shall of the information held that paragraph 1 is complied with. requested
  • 14. Example of a Bad Data Protection Practice “Sign up for a raffle” Lots of personal data… Left completely unattended, along with a box full of more sheets like this one…
  • 15. Data Protection & Information Quality Mapping the Relationship…
  • 16. Information Quality Meeting or exceeding information consumer expectations Reducing variation around a mean for the performance and perceived value of an information product Beauty is in the eye of the beholder
  • 17. Information Quality Data and Information are of high quality if they are fit for their uses (by customers) in operations, decision- making, and planning. They are fit for use when they are free of defects and possess the features needed to complete the operation, make the decision, or complete the plan. Joseph Juran
  • 18. Information Quality What he said… only the view of the customer needs to be broad enough in your organisation… Is having your data lost or stolen a “feature” of the service you are buying? Dr Tom Redman
  • 19. Setting & Meeting Expectation 1 Obtain and process the information fairly Setting Expectation Keep it only for one or more specified and 2 Setting Expectation lawful purposes Process it only in ways compatible with the 3 purposes for which it was given to you Meeting Expectation initially 4 Keep it safe and secure Meeting Expectation 5 Keep it accurate and up to date Meeting Expectation Ensure information is accurate, relevant and 6 Meeting Expectation not excessive Retain information for no longer than is 7 Meeting Expectation necessary for the stated purposes Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request
  • 20. Planning to meet expectations Quality of an asset (product, finance, people) is achieved through •Planning •Control •Improvement Joseph Juran
  • 21. Asset Life Cycle – POSMAD Model Asset Store/Shar Plan Obtain Maintain Apply Dispose Life e Cycle What are our Are we using the What info do I Where/how will Do we have a How will we get process to info for purposes need to we store this retention policy „maintain‟ the it? identified @ capture? info? for this data? information? PLAN How are we How will we Can we find it Do we work Questions you might ask Why do we keeping our Do we retain this communicate again when with our need it? information up data at all? Hows & whys? needed? suppliers/data to date? service What are the Are we storing How are we providers to How do we processes we‟ll What will we the same data correcting ensure they dispose of our old use it for? use to get this many times in errors in our have adequate data? info? many places? data? procedures in What‟s our plan Will these Do our staff place to protect for ensuring Does our data Who will we processes know how/why the data we data integrity become share it with? capture quality we keep info hold on trust? (relating all our “excessive” over info? up to date? records)? time , even if it Will the Do our metrics was appropriate processes Is our data Do we protect Why would we and processes at the time it create poor storage copies of data share it? support this was captured? quality secure? on laptops etc? objective? information? What Is our data Can we find it Am I capturing processes will Is our data storage when we need too much info? we have to find disposal secure? secure? it? and fix errors? DP 1,2,3,5,6,7 1.2,3,4,5,6 1.2,3,4,5,6, 1,3,5,6 4,7,8 1,3,5,6,8 Principle ,8 ,8 7 s
  • 22. Example of a Bad Data Protection Practice “Sign up for a raffle” Lots of personal data… Left completely unattended, along with a box full of more sheets like this one…
  • 23. Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request A needle in a haystack? Find ALL the data you have about ONE specific person based just on their name, address, other identifying data… not necessarily an account number or other unique reference. For example: Daragh O Brien, 13 Any Street, Anytown, Ireland.
  • 24. Why did I get into Information Quality (an old slide, but a good slide) Daragh  Darragh  Dara  Darra  Daire  Darach  Darrach  Dáire  Daira  Daireach  Gender?  Male or Female  SPELLING DOES NOT give a clue  Confusion  Often miskeyed as TARA (definitely female)  Often confused with Darren (male) or Daryl (male or female)  Also confused with Daria (female)  Also confused with Dora (female)  O Brien  NOT O‟Brien (anglicised version of gaelic name)  Also use O Briain (proper Irish language spelling)  Will accept O‟Brien (mainly out of laziness at this stage)  Grew up on “Foxfield St. John”  Data cleansing software often changes this to “Foxfield Street John”  Or “St. John‟s, Foxfield” 
  • 25. Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request Lots of data repositories? Which haystack?
  • 26. Give a copy of the information held by you 8 Meeting Expectation relating to them to individuals on request Potential duplicate records? Which needle?
  • 28. Conclusion  Information is an asset  Its quality can be managed and improved just like any other asset.  It should be protected like  Data Protection and Information Quality are inextricably linked
  • 29. Conclusion Approaching your Data Protection obligations  with an “Information Quality Eye” will ensure improved capability to comply with regulation while also ensuring information in your organisation is of the highest possible quality, ensuring customer satisfaction and avoiding other regulatory risks. Viewing Information Quality and Data Protection  as two „silo‟ problems deprives you of the potential to add greater value to your organisation while managing privacy/data protection risks.

Notas del editor

  1. Data Quality is explicitly referenced in the EU directive which underpins our data protection regulations. They even go so far as to spell out what the attributes of quality they are concerned with are.
  2. Data Quality is explicitly referenced in the EU directive which underpins our data protection regulations. They even go so far as to spell out what the attributes of quality they are concerned with are.