The upside of GDPR: a potential remedy for your “dark” data

Share this post:

How much unnecessary weight is your organization lugging around? Just think of all the data in production systems that nobody uses anymore. And what about dark or unstructured data, fragmented in crumbs throughout emails, presentations, phone notes, spreadsheets, and so much more? Keeping data you don’t need for business or regulatory purposes can be unhealthy in terms of IT cost and it can also put your company at greater risk in the event of a data breach – and on top of that, you may be basing your business decisions on data that is incorrect or no longer relevant. Getting your organization ready for GDPR might sound like a hassle, but it’s actually the perfect opportunity to take on this issue as well.

Take, for example, an insurance company, with over twenty years of insurance data and client information stored in its legacy databases. Very likely, some of this data is what we would call ROT: Redundant, Obsolete and/or Trivial. It has no business value, but may still cost money to store and maintain. The positive side is that the insurer usually knows the databases are there and knows exactly what they contain, offering some degree of control in terms of security and privacy.

However, when it comes to its unstructured data, we are usually looking at a totally different picture. Medical information may have been shared in emails between the company and physicians. Sensitive customer information may have been extracted from production systems for analytical purposes, answering questions like ‘how many people received treatment XX last year?’. And spreadsheets containing confidential employee information may have been saved locally by the company’s departmental managers. The bottom line? Most organizations, like our hypothetical insurance company, don’t have insight into their unstructured data stores – which is why it’s often referred to as “dark” data.




With GDPR on the horizon, this issue should be addressed. A great place to start may be to assess what personal information you have, where you keep it and what you are using it for. In this respect, GDPR can be an enabler to help transform your company into a truly data-driven organization. You can create business value from your data by leveraging new insights based on reliable information and improving your decision-making processes to serve customers better and more efficiently – and gaining their trust by taking care of their data along the way. There are tools available to help support this process that facilitate you analyzing your structured and unstructured data by looking for patterns to identify and locate personal information and other kinds of data – no matter where it is stored.

Simplifying your data landscape using such tools can help you with GDPR readiness, make the most of your data, and possibly save money on IT costs in the process. How’s that for an upside on GDPR?

Register for this webinar to find more about the tools available to help you get ready for GDPR and becoming a strong, data-driven organization.

Amir Jaibaji

Rob Langhorst

IBM nominated as ICT service supplier – Computable Awards 2017

Privacy issues are changing and the new legislation is leading. In May 2018, the new GDPR legislation will become effective, with new requirements for processing and processing personal data. IBM is one of the largest data processors and has acquired the necessary knowledge with previous privacy laws. It has resulted in a GDPR-specific architecture framework that IBM offers as a service. The main purpose of the GDPR assessment is a roadmap that prepares an organization for this GDPR legislation and to test risk factors in the organization of the client.

The complete jury report (in Dutch)

Vote for ICT service supplier of the year – IBM – Computable Awards 2017!


Notice:  Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsibility for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations.  The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.

Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey here.

European GDPR Offering Leader, IBM The Netherlands

More stories

Datagovernance is fundamenteel voor een intelligente overheid

  Overheden zijn bij uitstek in de positie om flinke slagen te maken met het slim gebruiken van data. Denk aan proactieve en snelle communicatie met de burger, smart cities, geoptimaliseerde vervoersstromen en geavanceerd watermanagement. Nu de behoefte groeit aan het delen van data over de keten staan bestuurders voor een uitdaging: bepalen van de […]

Continue reading

Implementatie van de AVG begint met een gedegen assessment

Sinds 25 mei jongstleden is de Algemene Verordening Gegevensbescherming (AVG) van kracht, de nieuwe privacywet waaraan organisaties moeten voldoen. Recentelijk hebben we bedrijven in verschillende sectoren geholpen met de voorbereiding op de AVG-wetgeving. Daarbij hebben we ons met name gericht op het uitvoeren van privacy impact assessments. Het geven van advies over de te nemen technische en […]

Continue reading

GDPR regulation drives new mind shift

From cost-driven to a risk & value-driven approach We now all know it’s coming in less than a year. Still, the new GDPR regulation is keeping many executives awake at night. Non-compliance may lead to significant fines of up to 20 million euro of 4% or the total annual worldwide turnover, whichever is higher. But […]

Continue reading