View The GDPR and Dark Data

The GDPR and Dark Data

Dark Data – the accident waiting to happen?

As businesses make more and more use of personal data to deliver their products and services, the quantities of personal data stored by organisations have undergone dramatic growth, at least doubling in volume every year. This personal data has increasingly become a commodity which businesses value and require, making it an attractive target for hackers, blackmailers and thieves.

Vast quantities of “dark data”, (data residing in unstructured content) pose a serious challenge as organisations around the world struggle to meet their GDPR obligations and avoid the reputational and financial fallout of non-compliance.
Discovery and processing are fairly straight-forward with structured data, but dark data is more complex to search and identify.

The GDPR defines how customer data must be managed, not just for European companies, but for any company doing business in Europe or with European customers. Under GDPR, data subjects have an explicit right, a ‘Subject Access Request’ to receive a copy of his or her personal data and to demand its rectification and removal of it, if they choose. When the same data is requested by a court and cannot be located, the costs escalate.

The critical issue here is that the regulatory basis of GDPR presumes organisations know exactly what data they hold, making it crucial to understand where personal data might be darkly hidden away in remote or forgotten repositories or unstructured, even unsearchable, formats.

> Read more about GDPR Risk Assessments 

The GDPR also imposes both direct and indirect obligations on third-party data processors, such as cloud-storage providers, business services and data centre operators, to comply with the same requirements that apply to controllers.
Data controllers will be under strict obligations for the protection of personal data both in their own right and when transferred to data processors and other vendors. Data processors are now open to direct action for failure to meet the requirements of GDPR, even when acting as a third party.

But when it comes to its unstructured data, most organisations have very little insight into their unstructured data stores. This is a real risk and a significant challenge.

However, getting dark data into compliance with the GDPR also offers a much more positive outcome – the potential to transform an organisation into a truly data-driven business. Recovering and managing the dark data content of unstructured documents will promote better decision-making, provide more efficient customer service, and reveal new opportunities to generate revenue and efficiencies.

But most importantly, getting a handle on unstructured personal data will ensure that dark data ceases to be the ‘accident waiting to happen’, which jeopardises both your bottom line and reputation.

Oyster IMS’ data mapping solution will help you to get unstructured data under control, into compliance and shine a light on your dark data.

Share this page

Download our brochure

  • Your email address is used only to send you the requested brochure. Please see our privacy policy to find out more.

  • This field is for validation purposes and should be left unchanged.

© Copyright 2021 Oyster IMS  |  Web design by Union 10 Design

Oyster IMS statement on impact of COVID-19

We do not believe that this outbreak will have a direct impact on most of our services.

We are continuing to monitor the situation, liaising with partners and suppliers critical to the operation of our services, and all those who are dependent on our business.