Harris Vourliotis

Battle ahead: Who owns the data, the business or IT?

Blog Post created by Harris Vourliotis Employee on Oct 10, 2017

With the European General Data Protection Regulation (GDPR) coming into force on May 25th 2018, companies should be prepared to comply. Yet some analysts state that 9 out of 10 companies don’t understand GDPR, and that 74% of businesses don’t have GDPR as a top priority. With fines nearing 2% or 4% of your annual global revenue, or up to £20M, can you afford not to pay attention? If the answer is no, then it’s time to start engaging with a partner that understands data like no other and can help you on your journey to GDPR compliance.


Business owners and executives need to pay close attention to what data companies are storing and sharing, whom are they sharing with, and whether their technology providers will claim ownership of that information. More and more businesses will rely on third-party services to maintain their equipment in the field, to track their asset’s performance, to record product inventory and to provide software upgrades, among other things. With the big date fast approaching, the big question we are hearing  is “who owns the data?”. Should data be handled by IT or the business? IT knows how to store, backup, process and secure data but it doesn’t necessarily understand what the context of data is. 


The business, on the other hand, is the one creating the data, and is using it to make decisions. So ultimately, the question in regards to GDPR is who will be the person in charge of this undertaking? Usually, the DPOs (data protection officer), CDOs (chief data officer) and CIOs, are the roles that should be associated with data governance and GDPR. These people will typically bring the IT department and the business together, as they have shared goals. But where to start? How to deal with all the stakeholders who play a role in this matter? 


No matter their size and industry sector, businesses may find it useful to put in place a GDPR compliance programme to implement and monitor their data processing activities, both in terms of their internal business, and for their clients and other third parties they deal


We at Hitachi are not just a process, we are data, as we understand implications on data environments and can help you find where your data is located. We know how to manage and govern data throughout its lifecycle and can offer a GDPR service framework that integrates people, processes and technologies, allowing you to extract business value. We are pioneers in IoT, arming you with Next Generation technology for data governance.


Take a look at Hitachi Data Governance Services below:

  • Awareness Workshop: Our workshop is designed to facilitate an understanding of privacy within your organisation and will provide an awareness of how the GDPR legislative changes will impact the organisation.
  • Data Discovery Service:
  • Data Mapping Exercise: will help you show the flow of your data in your organisation, creating a source data map, data processing mapping with appropriate data anonymization, with our risk management experts providing pragmatic consultancy as they assess your data risk.
  • Privacy/Data Protection Impact Assessment: A measurement of the impact to your business of failure to protect PII in accordance with DPA and GDPR.
  • Health Check: Our health check has been designed to understand your privacy risks according to your business objectives. We will assess your privacy controls according to both DPA and GDPR requirements.
  • Strategy and Remediation Support: Now, more than ever, there is a need for organisations to have a defined  strategy to manage privacy risks. We will help you to assess the risk, build a roadmap and assist in all aspects of remediation and compliance with the DPA and GDPR.



Hitachi Data Discovery Services.jpg