Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
EU GDPR | Protecting Individual's Privacy
Take the Next Step with LTI
Challenges AheadAs we approach the May 25, 2018 deadline, organizations have begun to perfect their data management
processes and technologies. However, based on our experience, most organizations struggle with the following:
While organizations struggle with the complexities of the GDPR, we, at LTI, can simplify it for you by
assessing its impact on your business; validating your assessment, if already done; and helping put in any
necessary changes through our comprehensive solution offerings.
The GDPR also brings with it multiple approaches – many approach it as a legal problem, others as a
technology, and process fix. Whatever may be the approach, one thing is sure –the GDPR brings into focus
privacy of a data subject, before a data breach happens. For many, this means covering every aspect
between establishing processes & policies, encrypting data, and educating employees.
The GDPR (General Data Protection Regulation) is fast becoming a global standard, as more and more
governments adopt a stringent approach to their citizens’ privacy. The cost of non-compliance to
organizations will be prohibitive once the GDPR comes into force. The GDPR will fundamentally alter the way
products and services will be delivered to consumers in the future.
• Not having a clear view of where the
personally identifiable information (PII) resides
in the application / database landscape
• The inability to demonstrate the purpose for
which the personal data was collected, or the
unambiguous consent of the data subject for
all the personal data collected.
• Not knowing how to systematically remove
any personal data, from all the systems if the
individual requests to do so
• Track history of the changes made to the
personal data
• Dealing with personal data in archived files
• Provide personal data in a structured,
commonly used and machine-readable form,
when requested
• Data minimization
• Ability to build compliance into product and
services development
• Lack of procedures and policies and expertise
to respond to a breach in 72 hours
• Audit trail for data lineage, subject consent,
remediation and breach notification when
required for legal purposes
• Ability to cover end user computing devices –
laptops, desktops and phones
EU GDPR | Protecting Individual's Privacy
With different perspectives and different stakes, every organization is reacting to the GDPR differently. Thus,
it becomes the responsibility, as well as the prerogative, of any service provider to customize their solutions,
such as to best fit the needs of any organization. With this guiding principle in mind, here is a quick snapshot
of LTI’s value proposition.
LTI’s comprehensive solution framework supports an organization through the GDPR lifecycle, by an
aggregation of advisory services, bi-directional governance setup, and change management processes.
Why LTI?
Automation Assisted DPIA
• Discover where the sensitive data resides in
your RDBMS, Cloud, file systems, compressed
file formats, Office document formats, etc. in
weeks, instead of months.
• Ready business impact scenarios to show how
a change in the use of a personal information
identifier may affect the desired outcome.
Rapid Implementation
• Centrally manage data subject consent and
rights by using an automated solution, which
also maintains audit trail for traceability.
• Lineage identification using a metadata
accelerator which conducts impact analysis,
when changes take place to a system and
notifies appropriate system owners.
Intelligent Reporting
• A centralized and intuitive dashboard to
provide automatic and assisted data protection
and a unified view of all key governance areas.
• Machine learning predictive modelling to
detect possibilities of breach incidents and
exercise cautionary measures, along with timely
reporting facility.
Assessment –
Jump-start assessment with industry specific toolkits
that contain process maps, checklists,
questionnaires, tools to scan text-based source
code for PII, and depict variance on specific
compliance parameters.
Implementation –
Establish a Privacy Assurance Office with best
practices, policies, data stewardship, and create
technology architecture to manage data subject
consent, privacy by design & default, masking,
subject access and rights, audit trails of personal
data usage, and personal data maps for data
accuracy and lineage identification.
Operations –
Ensure smooth operations even after the May 25,
2018 deadline by testing for data
pseudonymization & anonymization, workflows
and incident responses; constant insights to
measure the health of compliance and monitor the
compliance activities; manage identity, access, and
threats to future-proof the systems; integrating
the ticketing systems that capture subject rights
and consent with solutions to carry out the rights.
EU GDPR | Protecting Individual's Privacy
Success Sto�esLTI is helping organizations across Europe, North America, and India become compliant with the GDPR
mandates. Some examples are as follows:
• Automated identification and custom classification
of the private data in the distributed systems,
leading to time and cost savings of more than
50% for a global Oil & Gas Major.
• Hybrid assessment of 51 SAP, Oracle, and Salesforce
applications covering 39 business processes
leading to 80% effort reduction in data mapping
for a US-based Manufacturer.
• Scanned 15 TB data across 800 end-point devices
and servers in four weeks to start a smooth
implementation phase leading to 75% in cost
savings for a Danish Retailer.
• Automated data subject rights management,
data obfuscation in core and semantic layers,
and pseudonymization of sensitive data,
leading to cost savings of 75%, for US-based
Multinational Technology Company.
• One-view customizable responsive dashboards
to manage, predict, and assess real-time GDPR
compliance for a global IT Services Provider.
LTI aims to collaborate with the clients, comply with the articles of the law, and strive to continuously
improve, since we don’t consider the GDPR compliance as a one-time exercise. To that effect, LTI collaborates
in spirit, with a sense of what the end goal is, and a desire to work together to meet that goal. We may need
to experiment to find a system that the client is happy with, but that is the key ingredient of a truly symbiotic
relationship.
LTI (NSE: LTI, BSE: 540005) is a global technology consulting and digital solutions Company helping more than 250 clients succeed in a converging world. With operations in 27 countries, we go the extra mile for our clients and accelerate their digital transformation with LTI’s Mosaic platform enabling their mobile, social, analytics, IoT and cloud journeys. Founded 20 years ago as a subsidiary of Larsen & Toubro Limited, our unique heritage gives us unrivaled real-world expertise to solve the most complex challenges of enterprises across all industries. Each day, our team of more than 20,000 LTItes enable our clients to improve the effectiveness of their business and technology operations, and deliver value to their customers, employees and shareholders. Find more at www.Lntinfotech.com or follow us at @LTI_Global
Partnerships
• Consulting partnership with KPMG,
and E&Y
• Legal partnership with EU-based Bull &
Company, and Osborne & Clarke