Tick - tock... Time is running out to get ready for the GDPR. The regulations are going to affect all companies, whether they store customer data or not. In this Q&A with ExchangeWire, Jennifer Roubaud (pictured below), VP UK/Ireland, Dataiku, shares her view on how companies can prepare for the new era of data transparency, and makes recommendations on data structure and access.

ExchangeWire: How should companies structure their data to meet the demands of GDPR?

Jennifer Roubaud: With GDPR, companies will need to get organised around where all kinds of data (sensitive or not) is stored, ensuring it’s accessible, but only to those with a business need to access it. Ideally, that means everyone at the company should be accessing data (no matter where it’s stored) from one centralised location. Data science tools and platforms can easily provide this type of governance and connect to multiple data sources, centralising access to all data – including personal and sensitive data – for the entire organisation. Structuring data around centralised access also helps with accommodating data subject requests in a timely fashion, another potentially challenging stipulation of GDPR.

Jennifer Roubaud, VP UK/Ireland, Dataiku

How can companies prepare for GDPR – even if they don’t plan to collect EU customer data?

GDPR-compliance doesn’t have to be boiled down to just a pesky obligation that must be fulfilled. Even for companies that don’t plan to collect EU customer data, adopting the principles of GDPR (like privacy by design, good data governance practices, and the ability to fulfill data subject requests) can be good business and an excellent way to earn customer or user trust with data. For these companies, I’d say take advantage of the opportunity to streamline your big data strategy and empower teams across the organisation to become more efficient and scalable using GDPR as a guideline.

Can you share the best practices for data management?

I think, for data management as well as data strategy in general, one of the most important best practices is maintaining a controlled, yet agile, data environment. Change is inevitable; and the reality of data protection and privacy regulations is that they will continue to evolve with emerging new technologies. So, for all businesses working on GDPR-compliance, or even those outside of the reach of GDPR, it’s important to adopt a flexible solution that will change along with future technologies and regulations.

You led the international expansion of a division of an FTSE 100 company. What is your experience as a woman in a leadership position in the tech industry; and where do you see need for action in terms of gender balance?

As a woman in leadership in tech, I have really gained a lot of perspective and been able to take a step back from my own challenges I had to overcome to get here and realise the bigger picture. Which is that even technical positions like IT have a huge element of perspective and creativity, and men and women have different cognitive abilities – different biases – which can impact projects in significant ways. Even though we’ve come a long way, I think we can still talk more about the amazing things women are doing in tech (especially in data science), the problems they’re solving, and the work they’ve accomplished. Also, issues or problems that disproportionately impact women tend to attract more women in tech; so drawing more attention to these specific questions and problems can also go a long way in fostering passion about data and data science, or tech more generally, among women of all ages.