GDPR: European Banking Group

Business objective and solution

The banking group aimed to build a customer data integration hub that was modern, robust, scalable, and fully operational, and which would consolidate and provide customer data across the bank and all daughter companies. Ataccama worked with the group to incorporate regulatory and legislative rules and constraints into their data hub, ensuring all data was accessed, shared, and processed in accordance with internal directives and European law. 

Ataccama’s solution targeted four company goals:

1. Mitigate any reputational risks associated with processing personal data
2. Implement accurately-targeted marketing campaigns
3. Improve data quality as a whole and enable more informed business decisions
4. Lay the foundation for future regulatory compliance

Implementing the solution for the banking group was especially complex, given that it needed to be done across an entire group of companies that shared data. We were able to determine precisely which companies in the group could use which data and for which specific purposes, and make this information clear to all data users group-wide. We successfully translated laws and regulations into easily understood data management rules, and incorporated all consent data, customer data, and regulatory and legislative rules into our wider MDM-based solution.

Preparing for GDPR with Ataccama

General Data Protection Regulation (GDPR) is a European regulation to strengthen and unify data protection of EU citizens. Implementing effective consent management enables organizations to process personal data fairly and in accordance with the law. Under GDPR, which came into full effect in May 2018, companies will be required to secure “freely given, informed and explicit” consent to store and process the personal data of their customers. 

Ataccama’s approach to GDPR compliance covers:

1. Consent management: Determining which personal data may be used for which specific purposes, by whom it may be used, and according to which timeframe.
2. Data lineage: Tracking the origin of data and providing a full audit of data history, including detailed information about all applied business rules and transformations to both the record and data set levels.
3. Master Data Management: Mastering and centralizing key data assets, including customer, product, and reference data associated with related business processes.
4. Data protection-specific metadata management: Personal and sensitive data classification and localisation.
5. Data portability: On-demand provision for relevant personal data about each individual in a machine-readable format.
6. RTBF: Data deletion and anonymization/pseudonymization in both a central master data management hub and connected systems.

Ataccama has the experience and technical know-how to translate law and regulation into a comprehensive data solution. 

Ataccama partners with Deloitte

Enjoy the benefits of our proven software technology and the know-how of Deloitte’s world-class consulting team. We bring state of the art technology to the table, while Deloitte provides consulting, services, and legal support. Our partnered delivery method for GDPR includes risk analysis, impact analysis, implementation planning, and information governance.

Get in compliance with GDPR

Reach out to learn how we can bring your company into GDPR compliance with a consent management, data lineage, and master data management solution.