Solve the ICO’s Step 2 ‘Document What Personal Data You Hold’

Solve the ICO’s Step 2
‘Document What Personal Data You Hold’

What We’ve Been Reading And Writing This Month

GDPR Data Discovery
Plus – Become a GDPR Millionaire!
PwC and Exonar bring new data discovery and remediation services to market
PwC and Exonar form alliance to bring new data discovery and remediation services to market Partnership will bring together PwC’s world-leading data discovery knowledge with Exonar’s ground…
Preparing for GDPR has completely changed Lloyds` digital marketing strategy
Two years into preparing for the May 2018 GDPR deadline, Lloyds Banking Group has overhauled its CRM strategy across its major brands to focus on ‘how to’ content rather than product…
How the GDPR will disrupt Google and Facebook
We all know about the Data Protection Act – the rules that govern who gains, keeps and distributes your all-important personal data and how. As headlines of massive data breaches have…
Subject access requests: revised guidance from the ICO -...
The first draft of the Data Protection Bill (DPB) was released on 13 September 2017, following its second reading in the House of Lords. This bill is designed to bring the UK’s data…
Get our free GDPR report
Everything you need to know about the upcoming EU ePrivacy Regulation on the Respect for private life and the protection of personal data in electronic communications and repealing…
Plantatreeforprivacy: the impact of GDPR when privacy regulations change
Millions of UK consumers may submit subject access requests (SARs) to find out what personal information businesses hold on them after the GDPR goes live in May next year, with financial…
We Are Hiring - Marketing Executive - Exonar
Unless you’ve been living under a rock, you’ll have noticed that there are lots of people talking about GDPR – which is a good thing. However, there is lots of nonsense being talked about…
Heineken Pet
The Somewhat Related Section: Become A GDPR Millionaire
Read the original blog by Rowenna here: http://missinfogeek.net/gdprubbish/ If PCI DSS paid off the mortgage, then GDPR looks well on its way to buy the yacht. But how does one go about…

PwC and Exonar bring new data discovery and remediation services to market

PwC and Exonar form alliance to bring new data discovery and remediation services to market

  • Partnership will bring together PwC’s world-leading data discovery knowledge with Exonar’s ground breaking Information Intelligence™ platform to help companies meet future data demands

Exonar today announced that PwC’s Data Discovery team has selected its ground breaking Information Intelligence software to help its clients understand unstructured data in greater depth.

With increasing regulatory and compliance pressure, and the growing need to manage a business better, many companies turn to PwC for their data discovery, review and remediation services. PwC has engaged with Exonar in a number of data discovery projects where understanding unstructured data and its content is needed. This has included pre and post data breach, finding intellectual property stored where it should not be on a network, GDPR compliance and helping clients properly dispose of data to reduce storage and the risk of potential litigation costs.

Exonar is a British company that is redefining how organisations map, categorise and understand all of their data. Exonar solves a problem common to all organisations and their senior information owners, namely “I just don’t know what I’ve got”.

This statement, compounded with “I don’t know where it is or who has access to it” results in information security, regulatory and privacy demands becoming disproportionately challenging. The result is large amounts of risky, unwanted and unnecessary information being stored. In turn, this makes finding and understanding productive, valuable, or sensitive information much more difficult.

Umang Paw, PwC Partner in London, said, “We are excited to be working with Exonar and to add its capability to the portfolio of technology that we tailor for our clients’ specific business needs. We have been working with Exonar for over a year and are seeing real benefits across a number of different scenarios when it comes to helping our clients understand their electronic data.”

“Our technology provides a simple, comprehensive view of where data is being held,” explains Adrian Barrett, founder and CEO of Exonar.

“The platform’s underlying big data architecture provides a view of the whole enterprise, often uncovering repositories that have been forgotten about, or those that present a risk. It works by using machine learning to accurately identify data held in information systems and categorises it automatically into groups such as personal, private and sensitive. The platform does this instantly and then monitors on an ongoing basis every time a change is made.

“By bringing together our unique technology with PwC’s in-depth understanding of the world’s leading businesses, we can give CEOs the assurances they need that data is being managed in the right way to meet the obligations of regulation today and to continue to do so as laws evolve,” adds Adrian.

About Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure. Visit us at www.exonar.com or follow us @Exonar.

PwC and Exonar’s new data discovery and remediation services

PwC and Exonar form alliance to bring new data discovery and remediation services to market

  • Partnership will bring together PwC’s world-leading data discovery knowledge with Exonar’s ground breaking Information Intelligence™ platform to help companies meet future data demands

Exonar today announced that PwC’s Data Discovery team has selected its ground breaking Information Intelligence software to help its clients understand unstructured data in greater depth.

With increasing regulatory and compliance pressure, and the growing need to manage a business better, many companies turn to PwC for their data discovery, review and remediation services. PwC has engaged with Exonar in a number of data discovery projects where understanding unstructured data and its content is needed. This has included pre and post data breach, finding intellectual property stored where it should not be on a network, GDPR compliance and helping clients properly dispose of data to reduce storage and the risk of potential litigation costs.

Exonar is a British company that is redefining how organisations map, categorise and understand all of their data. Exonar solves a problem common to all organisations and their senior information owners, namely “I just don’t know what I’ve got”.

This statement, compounded with “I don’t know where it is or who has access to it” results in information security, regulatory and privacy demands becoming disproportionately challenging. The result is large amounts of risky, unwanted and unnecessary information being stored. In turn, this makes finding and understanding productive, valuable, or sensitive information much more difficult.

Umang Paw, PwC Partner in London, said, “We are excited to be working with Exonar and to add its capability to the portfolio of technology that we tailor for our clients’ specific business needs. We have been working with Exonar for over a year and are seeing real benefits across a number of different scenarios when it comes to helping our clients understand their electronic data.”

“Our technology provides a simple, comprehensive view of where data is being held,” explains Adrian Barrett, founder and CEO of Exonar.

“The platform’s underlying big data architecture provides a view of the whole enterprise, often uncovering repositories that have been forgotten about, or those that present a risk. It works by using machine learning to accurately identify data held in information systems and categorises it automatically into groups such as personal, private and sensitive. The platform does this instantly and then monitors on an ongoing basis every time a change is made.

“By bringing together our unique technology with PwC’s in-depth understanding of the world’s leading businesses, we can give CEOs the assurances they need that data is being managed in the right way to meet the obligations of regulation today and to continue to do so as laws evolve,” adds Adrian.

About Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure. Visit us at www.exonar.com or follow us @Exonar.

A Headlining Week for Privacy, SARs and Err, Trees

Privacy Has Been Hitting the Headlines

What We’ve Been Reading And Writing This Month

Personal Information and Subject Access Requests
Plus – Saving Trees for Privacy?
IDC Insight - Exonar Probes Depths Where No GDPR Solution Has...
When GDPR goes live, people will be able to submit subject access requests to current and former employers
Apple actively promoting Privacy as a selling point but...
Apple actively promoting Privacy as a selling point but…
At Apple, we build privacy into every product we make, so you can enjoy great experiences that keep your personal information safe and secure.
How the GDPR will disrupt Google and Facebook
…seen in an Apple store in Chicago – Exactly what GDPR should stop
Normally one of the bastions of privacy data, below is a sign that was spotted in an Apple retail outlet in Chicago recently. In essence, it assumes full consent is given for Apple and it’s…
Subject access requests: revised guidance from the ICO -...
At 9.24pm (and one second) on the night of Wednesday 18 December 2013, from the second arrondissement of Paris, I wrote “Hello!” to my first ever Tinder match. Since that day I’ve fired up…
Get our free GDPR report
You have the right to get a copy of the information that is held about you. This is known as a subject access request.
Plantatreeforprivacy: the impact of GDPR when privacy regulations change
Download our report: the impact of GDPR when privacy regulations change
In May next year, the UK’s Data Protection Act will be superseded by the GDPR. The GDPR is designed to give citizens more control of the information organisations hold on them and how that…
We Are Hiring - Marketing Executive - Exonar
SARs can be over 800 Pages long.Where do we start?
I did my own SAR on my own bank. This is it (actually, it’s less than half of the information they hold on me but they filtered the request). Arrived via DHL in 2 huge boxes…
Heineken Pet
The Somewhat Related Section – Planting trees for privacy. Really?
Yes, odd, we know but this 90 second video explains all – we felt bad after the SAR experiment on the left, not just for trees but for the employees that have to generate SARs…

Millions of Brits set to make GDPR personal information requests

Finance, telecoms and even social media in the firing line as customers set to demand a copy of personal information held on them

LONDON, November 1st 2017 – New research released today shows that millions may submit Subject Access Requests (SARs) to find out what personal information businesss hold on them after the General Data Protection Act goes live in May 2018.

The research, conducted by Exonar, a leading provider of General Data Protection Regulation (GDPR) data mapping and data inventory solutions, set out to identify what people know about how their privacy rights will change in May 2018. The findings showed that 70% of people have no idea about the changes. However, once GDPR and the term SAR was explained to them, 57% said they would raise a SAR.

The research also considered which sectors will be hit hardest. Financial services topped the charts with a third of people saying they would submit a SAR to their bank and 16% to their credit card provider. This could result in around 21million* current account holders raising a SAR and around a further 8million** credit card holders also asking for information held on them.

Other targets for SARs included mobile network providers (11%), social media companies (16.4%), insurance companies (8%), and loan companies (5%), 8% a utility firm, and 5% a retailer. A further 9% would raise a SAR on a current employer, 4% on an ex-employer.

Julie Evans, COO at Exonar, said companies need to make the most of the time they have before the Information Commissioner’s Office (ICO) starts its consumer publicity campaigns: “Companies often ask us how they can predict how many SARs they will receive. It’s an impossible task as so much of it will come down to consumer awareness.

“At the moment all communication efforts from the ICO are focused on getting companies ready for the GDPR, but come next Spring, we expect the focus to change as they start to inform the general public about the changes. If the ICO succeeds in raising consumer awareness then, as this research shows, the floodgates will open. Businesses really do need to make the most of the remaining months to get their data house in order.”

The research found that people are worried about how their data is managed today: 27% are concerned their data could be sold, and another 27% said they worried about hacking.

As part of the research, it was explained that a SAR could run into hundreds of pages***. Almost a fifth (18%) stated ‘shock’ that a company could hold so much about them and everything they have ever done, with 15% saying that if they held that much information they would want to know exactly what it was and a further 10% went as far as to say they’d want companies to forget about them altogether.

There were also environmental concerns: a third of people (31%) said they thought SARs were a waste of paper and would prefer to receive them in a secure digital format – just over a quarter were surprised a SAR wasn’t digitized anyway. 12% said environmental concerns would put them off doing a SAR.

Evans adds: “Going digital should be at the heart of any GDPR strategy. New technologies like data mapping, big data and machine learning will make it easier for businesses to ensure personally identifiable data is easy to locate and secure. Technology can help everyone in a business to follow best practice and avoid the potentially hefty cost of failing to deal with SARs and comply with the GDPR.

“Aside from the cost, relying on manual processes is too high risk. Going digital will make the process of finding and retrieving information quicker and cheaper, and also lessen the environmental impact of completing a SAR request.”

In order to offset the environmental impact of producing paper-based SARs and to encourage organisations to consider moving towards a digital process, Exonar is asking that for every SAR that is produced in paper a tree is planted or a donation is made to the Woodland Trust.

For more information about the research go to: www.exonar.com/plantatreeforprivacy

 

Notes to editors 

About the research: 1028 adults were surveyed between 6th and 10th October 2017, by Opinion Matters.

* Approx. 21m active current account holders (33% of 65m –  https://assets.publishing.service.gov.uk/media/53c834c640f0b610aa000009/140717_-_PCA_Review_Full_Report.pdf)

** Approx. 8m active credit card holders (16% of 50m –http://uk.creditcards.com/credit-card-news/uk-britain-credit-debit-card-statistics-international.php)

Calculation: 33% of 1028 people questioned said they would submit a SAR to their current account provider, and 16% said they would submit a SAR to their credit card provider, multiplied by the total active current account/credit card holders.

*** People can raise a request today but companies can take as long as 40 days and charge for the service. An Exonar employee asked their bank, with whom they have been a customer for 20 years, for the information they held on them. This picture features all the paper the employee received. It amounts to eight reams of paper.

Millions of Brits to submit SARs when the GDPR goes live

 

Finance, telecoms and even social media in the firing line as customers set to demand a copy of personal information held on them

LONDON, November 1st 2017 – New research released today shows that millions may submit Subject Access Requests (SARs) to find out what personal information businesss hold on them after the General Data Protection Act goes live in May 2018.

The research, conducted by Exonar, a leading provider of General Data Protection Regulation (GDPR) data mapping and data inventory solutions, set out to identify what people know about how their privacy rights will change in May 2018. The findings showed that 70% of people have no idea about the changes. However, once GDPR and the term SAR was explained to them, 57% said they would raise a SAR.

The research also considered which sectors will be hit hardest. Financial services topped the charts with a third of people saying they would submit a SAR to their bank and 16% to their credit card provider. This could result in around 21million* current account holders raising a SAR and around a further 8million** credit card holders also asking for information held on them.

Other targets for SARs included mobile network providers (11%), social media companies (16.4%), insurance companies (8%), and loan companies (5%), 8% a utility firm, and 5% a retailer. A further 9% would raise a SAR on a current employer, 4% on an ex-employer.

Julie Evans, COO at Exonar, said companies need to make the most of the time they have before the Information Commissioner’s Office (ICO) starts its consumer publicity campaigns: “Companies often ask us how they can predict how many SARs they will receive. It’s an impossible task as so much of it will come down to consumer awareness.

“At the moment all communication efforts from the ICO are focused on getting companies ready for the GDPR, but come next Spring, we expect the focus to change as they start to inform the general public about the changes. If the ICO succeeds in raising consumer awareness then, as this research shows, the floodgates will open. Businesses really do need to make the most of the remaining months to get their data house in order.”

The research found that people are worried about how their data is managed today: 27% are concerned their data could be sold, and another 27% said they worried about hacking.

As part of the research, it was explained that a SAR could run into hundreds of pages***. Almost a fifth (18%) stated ‘shock’ that a company could hold so much about them and everything they have ever done, with 15% saying that if they held that much information they would want to know exactly what it was and a further 10% went as far as to say they’d want companies to forget about them altogether.

There were also environmental concerns: a third of people (31%) said they thought SARs were a waste of paper and would prefer to receive them in a secure digital format – just over a quarter were surprised a SAR wasn’t digitized anyway. 12% said environmental concerns would put them off doing a SAR.

Evans adds: “Going digital should be at the heart of any GDPR strategy. New technologies like data mapping, big data and machine learning will make it easier for businesses to ensure personally identifiable data is easy to locate and secure. Technology can help everyone in a business to follow best practice and avoid the potentially hefty cost of failing to deal with SARs and comply with the GDPR.

“Aside from the cost, relying on manual processes is too high risk. Going digital will make the process of finding and retrieving information quicker and cheaper, and also lessen the environmental impact of completing a SAR request.”

In order to offset the environmental impact of producing paper-based SARs and to encourage organisations to consider moving towards a digital process, Exonar is asking that for every SAR that is produced in paper a tree is planted or a donation is made to the Woodland Trust.

For more information about the research go to: www.exonar.com/plantatreeforprivacy

 

Notes to editors 

About the research: 1028 adults were surveyed between 6th and 10th October 2017, by Opinion Matters.

* Approx. 21m active current account holders (33% of 65m –  https://assets.publishing.service.gov.uk/media/53c834c640f0b610aa000009/140717_-_PCA_Review_Full_Report.pdf)

** Approx. 8m active credit card holders (16% of 50m –http://uk.creditcards.com/credit-card-news/uk-britain-credit-debit-card-statistics-international.php)

Calculation: 33% of 1028 people questioned said they would submit a SAR to their current account provider, and 16% said they would submit a SAR to their credit card provider, multiplied by the total active current account/credit card holders.

*** People can raise a request today but companies can take as long as 40 days and charge for the service. An Exonar employee asked their bank, with whom they have been a customer for 20 years, for the information they held on them. This picture features all the paper the employee received. It amounts to eight reams of paper.