Imagine you work for a Global Insurance Provider and one of your core responsibilities is data compliance. A new GDPR regulation is announced stating that all insurance policies older than 3 years with no active claims must be deleted.

You are fairly confident that you can identify and address the expired data in your structured CRM, but you suspect there could be related information in various files and notes. To make your situation even more difficult, your company recently acquired some business from another company. The expansion added more complexity with information across legacy systems and modern cloud environments that you may not directly manage, but you are still responsible for.

Your first task is to find out not only where your insurance policy information is – because you already know that – but also where all of the information related to those policies is. You know that your customer service team often takes call notes in your regular CRM system, but also notes may live on Sharepoint, or Google Drive, or in employee emails.

Start Your BigID Guided Tour

Follow these 6 steps for data lifecycle management to maintain compliance with the GDPR regulation:

Step 1: Connect all of your data in all data sources, on-prem and in cloud environments. Consider all of your information that could be in structured tables and also in unstructured notes and files or in pipelines to be uploaded.

Step 2: Classify all data so that you know what it is, where it is, who it belongs to. Identify duplicate data to ensure that you are cleaning up all data in all locations.

Step 3: Apply the policy to identify data that is more than 3 years old and does not have active claims.

Step 4: Evaluate to determine if the data requires governance action, and remediate if needed – for example, marking expired files for deletion.

Step 5: Delete the data that is out of compliance.

Step 6: Audit and report results.

Repeat this process to maintain compliance for any other regulation or company privacy policy.

For a step-by-step illustration to see how BigID can automate and amplify your data discovery, retention, remediation, and deletion efforts for regulation compliance, check out this Guided Demo for Data Lifecycle Management.