On May 25th GDPR (General Data Protection Regulation) which is also known as DSGVO (Datenschutz-Grundverordnung), and probably other acronyms, came into effect. While SAS administrators may not need to adhere to the regulation in their day-to-day role, they would certainly need to be aware of it, like other regulations, to support their business users and protect the data SAS platforms access and use.
As Joyce Norris-Montanari shared in her data security and privacy - part 1 blog, some questions to consider regarding data privacy are:
- What procedures and guidelines do we use today to safeguard data?
- Where is our personal data stored?
- Identification and documentation of where the data lives will always be required.
- Can we assess, document and understand the interfaces or data flows between data stores? This is important so you can understand what application or system created the data, as well as what applications or systems update or delete the data.
- I encourage use of an enterprise data model (if you have one), as well as application system data models to help you understand the data.
- What is the data quality, based on profiling or sampling the data stores?
SAS administrators may want to look at other SAS GDPR related blog posts at https://blogs.sas.com/content/tag/gdpr/ as well as tenants and insights from a survey SAS conducted in the GDPR compliance in a data-driven world e-book.
Kind Regards,
Michelle
//Contact me to learn how Metacoda software can help keep your SAS platform secure - https://www.metacoda.com