SAS helps global companies protect personal data and meet GDPR requirements

Organizations can access, identify, govern, protect and audit personally identifiable information

With the EU’s General Data Protection Regulation (GDPR) going into effect on May 25, 2018, global companies must take steps to understand how personally identifiable information (PII) is stored and used within their organizations. Millions of records are exposed each year due to thousands of data breaches that occur around the world. Further, a recent survey found that less than half (45 percent) of organizations have a structured plan in place for compliance and more than half (58 percent) indicate that their organizations are not fully aware of the consequences of noncompliance. To help companies protect their data and meet new compliance requirements, analytics leader SAS is offering SAS® for Personal Data Protection.

Any company that collects personal data, anything from national identification numbers, Social Security numbers, email addresses and dates of birth, must be able to identify where that information is stored in order to protect it and remove it when required. The amount and variety of data sources, along with the rise of mobile, cloud and social networks, has played a role in making PII more vulnerable to unauthorized access. SAS for Personal Data Protection helps companies to access, identify, govern, protect and audit their data, to work toward compliance.

Under GDPR, every EU resident has the right to know how their personal data is being used – and can request to have his or her data completely erased. This means that organizations that store and/or process EU consumer and employee data must be vigilant in protecting that data, regardless of where they are located. Noncompliance with GDPR regulations can be costly and may result in hefty financial penalties ranging up to US$22 million or 4 percent of annual global turnover (whichever is greater).

“The EU’s pending GDPR deadline is causing major headaches for companies across the EU and beyond, as organizations quickly realize that personal data is stored in multiple locations. Finding it and locking it down is no easy task,” said Tom Pringle, Head of Applications Research at Ovum. “The SAS for Personal Data Protection solution offers organizations tools to identify and govern personal data to prepare for compliance with this new regulation, simultaneously helping extend and enhance the governance frameworks enterprises are investing in.”

SAS software and services assist organizations in locating and identifying all personally identifiably data throughout its lifecycle so that it can be properly protected. The technology allows companies to take the following steps:

  • Access. With SAS, organizations can assess, access and blend data types from a number of relational data sources like Oracle, Apache or Hadoop.
  • Identify. No matter where PII resides, data filters, sampling techniques and algorithms can identify and extract personal data from structured and unstructured data sources.
  • Govern. Data governance software helps to enforce policies, monitor data quality and manage business terms across an organization.
  • Protect. Role-based data masking and encryption techniques secure sensitive information, and dynamically blend data without moving it to help minimize exposure of sensitive data.
  • Audit. To help proactively avoid penalties and breaches, interactive reports can be generated to identify the users, data sources and types of PII detected.  

“Dealing with personally identifiable information is tricky, especially when that data may be stored in multiple locations throughout an organization,” said Arturo Salazar, Principal Business Solutions Manager, SAS. “The first step to any successful data management program is to first access and identify where the data lives. SAS can then provide the added requirements of enterprise data governance, protection and auditing to ensure the right people have the right access and the data remains protected.”

Learn more about SAS for Personal Data Protection.

Analytics Experience Amsterdam

Today’s announcement was made at the Analytics Experience conference in Amsterdam, a business technology conference presented by SAS that brings together thousands of attendees on-site and online to share ideas on critical business issues.

About SAS

SAS is a global leader in data and AI. With SAS software and industry-specific solutions, organizations transform data into trusted decisions. SAS gives you THE POWER TO KNOW®.

Editorial contacts: