RESEARCH REPORT

In brief

In brief

  • The European Union's General Data Protection Regulation (GDPR), which took effect in May 2018, is the most comprehensive data protection law ever.
  • For many businesses, a big challenge to achieving GDPR compliance involves the discovery of personal data within disparate enterprise systems.
  • Accenture research shows GDPR compliance can yield opportunities to build a more secure foundation for sustained growth and competitive edge.


Data compliance dilemma – Translating GDPR into compliant measures and auditable processes can be complex for even the simplest of businesses.

"Businesses should approach GDPR as an opportunity to undertake transformative initiatives that unlock new opportunities and plug revenue leakages while enabling compliance."

– SANJEEV VOHRA, Senior Managing Director – Group Technology Officer and Data Business Group Lead, Accenture Technology

This complexity is especially true for large, global enterprises, because their data is spread across multiple siloed systems that were built or acquired over years, if not decades.

Even companies with reasonably well-structured technical and data landscapes face challenges with GDPR implementation as they aim to corral piles of personal data spread across disparate enterprise systems.

GDPR compliance requires enterprise data controllers and other IT professionals achieve several things, including:

  • "Bake-in" privacy requirements into the data architecture of enterprise systems;
  • Present "one view of the truth" to data subjects, regulators and internal stakeholders;
  • Respect the right of EU data subjects to access their data, be "forgotten" or accept requests for data portability.

Data subject rights

Data controller or processor obligations

Compliant data: An appreciating asset

Accenture’s GDPR Intelligent Solution not only identifies data locations and types in the purview of GDPR, but also validates accuracy and generates a confidence/reliability score based on which stakeholders can take appropriate action.

This function enables data controllers to establish a repeatable action that can quickly scan large amounts of personal data throughout the data lifecycle. This is important, because GDPR compliance is an ongoing commitment, not a "once-in-a-year" task.

The solution is designed around three key processes in the data supply chain—capture, curate and consume—and it does all the heavy lifting, from identifying how the data enters the enterprise system from structured and unstructured sources to which enterprise systems and processes use it, and for what purpose.

GDPR compliance is ultimately about protecting personal data and individual rights and freedoms. Organizations that see compliance as an opportunity to align their priorities to the principles of data ethics embedded in GDPR are poised to build a more secure and trustworthy foundation for sustained growth.

GDPR compliance is an ongoing commitment and not a "once-in-a-year" task.


Sanjeev Vohra

Senior Managing Director, Group Te​​chnology Officer and Data Business Group Global Lead – Accenture Technology


Andreas Braun

Managing Director, Data Business Group Lead – Europe Accenture Technology


Harsh W. Sharma

Managing Director, Data Business Group Lead – North America Accenture Technology

MORE ON THIS TOPIC


Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter