General Data Protection Regulation (GDPR)

GDPR: Are you ready?

GDPR, or the General Data Protection Regulation, enforceable on May 25, 2018, strengthens data protection provisions for all EU data subjects. But the impact of the GDPR goes well beyond EU borders. Companies inside and outside the EU (including suppliers, vendors, and outsourced organizations) that collect, hold, or process data about an EU citizen are required to comply with the law. And penalties are severe–up to 4% of annual global revenue.

Data governance is the foundation for GDPR compliance

Collibra provides an enterprise-wide data governance solution that puts people and processes first. It automates data governance and management to quickly and securely deliver trusted data to the business users who need it. Paired with GDPR-specific professional services and a GDPR accelerator, Collibra delivers a complete governance solution that serves as the foundation for the broader GDPR compliance effort and ongoing change management.

Data Protection Dashboard
Data Protection Dashboard

The Collibra data governance platform delivers the core capabilities organizations need to build a solid governance foundation:

  • A centralized inventory of personal data items across the business and technical landscape
  • Governance accountability and workflow for personal data ownership, definition, and requirements
  • A data protection dashboard that provides a single view where users can access project updates, find answers to FAQs, and launch workflows

  • Searchable, end-to-end traceability of personal data across the process and technology architecture and across the data lifecycle
  • Detailed data sharing agreements outlining how the organization shares personal data both internally and externally

Collibra Professional Services delivers the expert implementation services needed to get the most out of your Collibra investment. Our implementation approach is to phase the delivery through our unique method that aligns with the governance for GDPR process.

The Collibra GDPR Accelerator helps organizations speed time to compliance through delivery of an extended data governance operating model tailored for the GDPR. Organizations can bring together the right people, data sets, and technology to document business processes to help address the requirements of Article 5 and Article 30.


read the data sheet

GDPR signals a shift in how we think about data privacy

Because it’s not just about the data—those bits and pieces of personally identifiable information (PII) typically flagged for privacy. GDPR focuses instead on the fundamental rights and freedoms of data subjects (that’s you and me).

The New Data Subject

Under the new regulation, any data that can be used to identify a person is personal data. Birth dates and social security numbers? Sure. But that also covers genomic data, health records, financial information, social media profiles, and more.

Purposeful Consent

With a new focus on the data subject, consent becomes increasingly important. Businesses will need to make sure people understand what they are consenting to, how their data is being used, and how they can withdraw their consent should they want to.

Greater Control

GDPR regulations protect access and portability of personal data. They also grant the data subject the right to be ‘forgotten’ or erased. And when a data breach occurs, companies will be required to notify those affected within 72 hours.

6 GDPR Compliance Pitfalls (And How to Avoid Them)

Don’t let unanticipated roadblocks derail your efforts to comply with the GDPR. Learn how data governance can help.


Read the e-book

GDPR requires an understanding of how personal data is being handled

For data to be used, it can never remain static. Every company will need to have an end-to-end understanding of how data is captured, transformed, held, and destroyed.

In effect, GDPR requires companies doing business in or with the EU to embrace “privacy by design” and have processes in place to monitor the location and quality of data, the person accountable for that data, and the controls being applied to that data.

This document is intended for general informational and educational purposes. It is not offered as and do not constitute legal advice or legal opinions. Use of any Collibra product or solution does not provide or ensure any legal or other compliance certification and does not ensure that the user will be in compliance with any laws, including GDPR or any other privacy laws.