FEATURE: DATA MANAGEMENT //////////////////////////////////////////////////////////////////////////
FlyingBinary, are Internet of Things (IoT)
specialists and have been deploying our
IoT technology in the UK since 2012 and
worldwide since April 2014. Based on manage that data, including personal data.
This self-service approach to GDPR creates a
European citizen-centric view of the indexed
data that can securely manage not just
IN ORDER TO COMPLY WITH GDPR,
AN ORGANISATION WILL NEED TO
DEMONSTRATE COMPLIANCE TO A
REGULATOR AND MEET THE STRINGENT
AUDIT REQUIREMENTS.
city sectors. At a landscape level, there is
a real focus on compliance in each nation
state. From our work, we see that GDPR
readiness varies across individual sectors, so
compliance is likely to be patchy.
One interesting change we are seeing as
we approach the mandating of GDPR is
the interest from outside of Europe. GDPR
gives individual citizens more of a say over
how their data is used and why. At the
same time, it expands the definitions of
‘data’ and ‘processing’, so if you store any
data anywhere, you are almost certainly
a data controller or processor and subject
to the regulation. Companies outside of
Europe are now looking closely at the data
the challenges we have responded to for
organisations, we have seen an additional
opportunity as a result GDPR.
The IoT requires a new approach to data
management, particularly in the security
space where we work. The GDPR work for
our clients has required us to provide fully
managed private cloud services, the same
base services required for IoT. A number
of those clients have used these GDPR
capabilities to start their IoT journey. IoT
is an engineering challenge which means
few companies supply secured accredited
private cloud services in this domain. From
a CIO viewpoint, we have been able to
demonstrate between two and 60 times
return on that investment. This has unlocked
a new style of IT provision and a strategic
opportunity for the CIO to reorganise an
innovation-led agenda.
Are European countries likely to take
advantage of RegTech solutions?
As we approach the implementation of
GDPR, organisations are faced with a serious
challenge. In order to comply with GDPR,
an organisation will need to demonstrate
compliance to a regulator and meet the
stringent audit requirements. This means
that businesses must be aware of where
their data is stored and how to index it.
FlyingBinary’s answer to meet this challenge
is a RegTech service which does not take a
transaction-based approach but is focused
on indexing all data wherever it might be
and providing state-of-the-art analytics to
62
INTELLIGENTCIO
personal data, but all data. Importantly, the
RegTech service can be demonstrated to an
auditor and used to meet the stringent audit
requirements of GDPR.
RegTech solutions are not focused on the
date the regulation is mandated, but rather
the next 20 years as we move to leveraging
IoT. Regarding take-up of RegTech services,
we are seeing traction across Europe which
has accelerated as CIOs understand the
opportunity in their hands.
What do you think the likelihood is
of businesses complying with the
GDPR requirements and regulations?
FlyingBinary have particularly focused on
Europe over the last 18 months and we
have launched a GDPR compliance service
specifically to address the health and smart
value chain which may make them a data
processor under the new regulation. We have
organisations in Asia and America working
to prepare for the changes GDPR brings to
their use of European personal data.
One key area of GDPR compliance that
I would like to signal is the need for
companies to transform their use of social
web data. Companies are using European
citizen’s data exhaust from social platforms
such as Twitter, Facebook, etc. often as
part of customer engagement strategies.
In the European Commission, we have not
used this data in any projects since early
2017. FlyingBinary has informed consent
services, who we deploy for clients, to replace
the use of social web data for a GDPR-
regulated market. This is an area that seems
to have received little focus as part of the
compliance preparations. n
www.intelligentcio.com