The EU data protection regulation means that organizations need to be alert when it comes to handling personal data. When asked, companies and institutions must be able to give clear and understandable information on how personal data is processed. Failing to do so may result in substantial fines up to 4% of the revenue of the organization. Will you take the traditional approach, and send an excel file to all IT system responsible persons, with a summary of where/how personal data is handled? Or do you maybe have an EA tool in your organization, but it doesn’t seem to be of any help in the matter? The demands of legislation aren’t something you take care of once, instead, it is an ongoing process. That means, that you have to be able to maintain information up to date whenever processes and IT systems change. In addition, the proper use of data is ensured by a functioning identity and access management.
Enterprise architects are uniquely positioned to help their organization to demonstrate that they comply. Leveraging their architecture models for security and privacy analyses, architects can provide cross-cutting analyses on the use and protection of data across the enterprise, its processes, people and IT systems.
Come and see how an architect approaches the new EU data protection regulation! As a bonus, you have the chance to get acquainted with one of the leading enterprise architecture tools, BiZZdesign Enterprise Studio.