- With big data in the picture, the complexity of data has grown beyond what it was in the days of transactional systems of record (SOR).
- These new types of data from new originating sources, coupled with the various ways in which organizations are transforming data into something else, present unique challenges to compliance practices in privacy, security, and safekeeping.
- This big data compliance data comes from videos, photos, audio records, machines, and third-party vendors. Data analysts perform data cleanups and mash-ups to get to the bottom-line analytics answers that business leaders want.
- During this process, data begins to get transformed into new forms of data. The totality of these activities makes it difficult to perform compliance functions when the data is constantly morphing into new forms.
- Overly argues that the only way for companies to get a handle on the big data compliance challenge is to formulate a corporate framework for dealing with big data compliance.
- The framework addresses the data, as well as the systems where the data resides, who has access to these systems, and whether the data can be relied upon as accurate.
- Additional big data compliance concerns to consider include assessing the various types of big data for risk, the protection of intellectual property, and the proper legal disclosures and promises made to stakeholders and customers.
- When assessing these areas and developing policies, organizations should look to outside legal counsel and/or auditors for advice and best practices.
- The message for IT managers and others leading big data initiatives is that it’s not too soon to think about big data compliance and to do something about it. You should establish a compliance framework around big data that can scale and that all stakeholders understand.
Here are three steps that big data and analytics managers should take beyond securing systems and data access.
1. Assess your big data compliance efforts
- A majority of companies have barely started their big data compliance plans; Using IT guidelines for data safekeeping, privacy, and security that have been used for transactional SOR, and publishing annual privacy and security statements
- Unfortunately, this doesn’t really address the uniqueness of big data and big data transformation.
- There aren’t many policies that address privacy, security, and ownership of this data if the company elects to sell the data.
- In this continuum of data transformation and repurposing, organizations must determine the points at which compliance is enforced and how and why it is enforced.
2. Review how your organization secures and protects its documents
- In many cases, isolated business departments have paper records, but they have also been digitizing and adding to these records.
- Some of this information is highly sensitive and includes patient health and financial records and possibly company trade secrets and patent designs.
- Standard security measures including limiting room and system access likely are in place, but what if your big data strategy determines that some kind of meld of this data with other SOR or third-party data is important?
- When the lines between traditional data repositories that have their own compliance rules begin to cross, compliance needs to be revisited.
3. Define new strategies for managing big data compliance
- In the old days of relational databases with structured data, it was easy to identify and retrieve sensitive data because data searches were straightforward.
- That’s not so much the case with big data, which can be totally unstructured and unpredictable, and difficult to search for sensitive data that requires protection under regulatory guidelines.
- This is why it’s important to define new strategies for managing big data compliance.
Source:http://www.techrepublic.com/article/3-tips-to-reducing-your-big-data-compliance-risks
No comments:
Post a Comment