The European Union’s General Data Protection Regulation (GDPR) goes into effect this May. In order to comply with GDPR’s requirements, it’s important to get your data copies under control so you know where they are and who’s using that data.

This is a big challenge. Studies show that as much as 90% of your data is probably on secondary storage and likely not well-managed—dark data that no one really understands. Reducing the number of copies requires using tools that make data more usable and accessible without duplicating it; managing it more effectively requires using tools that help you track what data is stored where.

GDPR Requires You to Know Where Your Data Is

It’s impossible to comply with GDPR if you don’t know where your data is. With GDPR, you don’t have the right to do whatever you want with the personal data you collect about users and customers. You need explicit permission to use the data for any specific purpose. GDPR also gives individuals the right to review their data and have it corrected or deleted.

If your data is being duplicated again and again for every new use or if departments store their own data files in the cloud, you risk losing track of where data resides and being unable to comply with GDPR requirements to provide data to individuals or update it upon their request.

There are two kinds of technology you can use to make sure you know your data and can remain in compliance with GDPR.

Technology to Help You Locate Data

First, you need technology that helps you keep track of where your data is. This means using products like Veritas Information Map and Veritas Data Insight. These products help you reduce risk by identifying what data is stored where and how it is usually accessed. Cloud connectors let you apply these tools to data in cloud environments as well as locally stored data.

Technology to Help You Reduce Data

Making fewer copies of data will make it easier for you to manage that data. NetBackup can be combined with copy data management tools to give users access to virtual copies rather than new physical copies of data that require storage and make it harder to comply with GDPR.

Another option for reducing the number of copies of data is to use hyperconverged secondary storage such as that from Cohesity. This storage has integrated compute capability, so jobs can run directly on the platform without needing to create additional copies. The same device can do double-duty, serving both disaster recovery and processing needs.

Do you know where your data is? If not, dcVAST offers services that help you track it, store it, and manage it in compliance with GDPR. We provide professional services to analyze, design, and implement solutions, as well as managed services to keep your technology running optimally. Contact us to learn more about the technologies you can use to keep data visible and meet your GDPR requirements.