How to use de-cluttering techniques for GDPR

Tracey O'Neill 10.10.2017

Our Global Data Quality and Customer Insights Manager shares how her wardrobe sort and 'mapping' exercise helped our own GDPR data de-clutter.

In line with most other organisations across Europe, Morgan McKinley is currently undertaking a programme of GDPR readiness in advance of the arrival of the General Data Protection Regulation in May 2018. As a global company we have always taken data protection and privacy very seriously, but GDPR adds an extra layer of compliance and awareness that will need to filter through to our 800 colleagues world wide.

Just before I left work yesterday, I took a GDPR masterclass with Data Protection Expert Emerald de Leeuw and it was still on my mind as I began a task at home that I had been putting off for a while - decluttering my wardrobe. 

As the Global Data Quality and Customer Insights Manager at Morgan McKinley, part of my role in advance of GDPR will be to work with all business functions on a data minimisation project and to devise policy around GDPR compliant data acquisition and retention.

Peering into my wardrobe last night, I couldn't help notice the similarities between the two.

As I surveyed the chaos of my wardrobe and reminded myself of the benefits of seeing my carefully acquired items in an organised way, I became a bit overwhelmed and nearly put it off for another day. Where should I start?

So I decided the best strategy was to dump it all on the floor and do a sort. Surely it would just be a matter of a quick re-organisation? What I found pleased, surprised and concerned me in equal measure.

All the lovely items bought in the past year or so went straight back on the hangers. A few items needed some buttons or a new zip and they went into the repair pile. I happily found a pair of sunglasses I had been looking for all summer, that obviously had been stored carefully with the sun dresses at the end of Summer 2016.

Next I found a few items that I had become attached to but hadn't worn in many years, after some deliberation most of these went into a charity bag. Lurking at the bottom of the pile were clothes that I had borrowed from friends and family, some with permission and some without!  There were also some things that I have no recollection of acquiring at all and even a shirt belonging to someone who I used to know...'right to be forgotten' is a different GDPR blog topic! 

As I went through this careful sort, I realised that the principles of decluttering and data minimisation are essentially the same. So whether it is your neglected wardrobe, junk room, garden shed or database (all of which I need to tackle) then the following will apply.

Start with a sort and mapping exercise, then ask yourself the following questions:

  • What? What type of data is it?
  • Why? Why do I need it, is there a specified purpose?
  • Where? Where is the data stored?
  • When? When did I acquire the data and do I have permission to keep it?
  • Who? Who has access to the data and what is the level of security associated?

 

Answering these five basic questions about your data, will form the foundation upon which you can make decisions and build policy around data minimisation and data retention, which are core principles of the GDPR. A full and clear knowledge of your organisation's data, will also transform it into the 'data asset' with associated revenue-generating benefits, that we all read so much about.

After three hours of hard work, I realised that the de-cluttering task was a bigger than I anticipated, but I am working towards an orderly and useful wardrobe. However I did resolve to perform a regular clear out and maintenance going forward, another fundamental rule of data quality.

So whether your goal is a capsule wardrobe for a New Year, New You resolution, or data quality policy in advance of GDPR in May 2018...my advice is to start now.. you still have time.

Tracey O'Neill's picture
Data Quality Manager
traceyoneill@morganmckinley.ie