The Data Protection Officer of a business needs insight into its organisation’s unstructured data estate (network file shares, SharePoint sites and Exchange). They needed to identify where individuals’ Personal Data resided and ensure it was managed according to the GDPR, and not impacting the rights of the individual.
Solutions for Legacy Data Clean Up
Solutions for Legacy Data Clean-Up For GDPR Compliance
Initial attempts to identify this Personal Data using mainly manual processes proved:
- the results would be extremely inconsistent and as such unreliable
- there was no way the process would be complete in any reasonable timescale for GPPR compliance – estimate for completion was in years, not months or weeks
- it was too impactful on the business – business users were having to spend a considerable amount of their working day on data identification tasks
The lack of visibility of Personal Data being held by an organisation also means that they would not be able to respond in a complete manner to DSARs (Data Subject Access Requests).
This would be further exacerbated due to a lack of information governance within an organisation, resulting in a massive over retention of the unstructured data they stored, meaning that far more data than really necessary was going to have to be analysed.
The Outcome
The StoredIQ solution provides a single consistent approach to discovery across all unstructured data repositories – allowing the easy identification of personal information and the ability to perform remediation actions as required. As a result, companies are able to quickly query their unstructured data estates in support of Data Subject Access Requests.
Furthermore, having built this single view of their data to support their GDPR initiatives, the information that the solution provides can be used to support additional use cases:
IT operations:
- Storage costs and efficiencies – the initial ROT removal provided immediate savings
- Duplication of data
- Categories and age of data being held
- Data retained for users no longer with the company
- It could provide genuine data from which to build and implement an Information Retention Strategy
The initial removal of Redundant, Obsolete or Trivial data (ROT) has an additional positive impact on the business. Users, especially those in customer-facing roles, find they spend less time finding the right information and more time focusing on their customers.
More Automation Solutions
