The topic of data protection is gaining importance for many companies in the lockdown due to the accelerated digital transformation. The use of adequate collaboration tools is increasingly becoming a decisive success factor in times of social distancing. At the same time, the legal framework conditions are tightening due to the so-called "Schrems II" ruling and its effects on international data transfer. In this situation, how can we remain capable of action and data protection compliant at the same time?
The EU has developed a new privacy / data protection law, the “EU General Data Protection Regulation”. It has been in full force since May 2018 and there is still uncertainty among a lot of companies and their data protection officers as to what is actually required by the new regulations and what kind of impact they will specifically have on their data processing processes. Especially in the big data and business intelligence environment, fundamental conflicts of interest arise and widely spread paradigms regarding data retention and analysis will potentially have to be put into question.
The following article provides an overview regarding the fundamental requirements of the GDPR and the obligations arising for companies and for the data protection officers, and outlines a possible approach to comply with these requirements. In addition, the impacts of the regulation are discussed in the business intelligence context and it is shown, based on the example of the Microsoft SQL Server platform, how the requirements of the new EU Directive can be covered by features of modern database management systems.
