Khoros Community

The Great Migration: Volume 7

I like to think SolarWinds has a pretty solid corporate sense of humor, especially surrounding that little four-letter word: GDPR. From the placard on the door of my boss's office reading "GDPR Readiness Valedictorian" to the various satirical Game of Thrones "GDPR is Coming" knockoff stickers you can find in various cubes, it's hard to miss the ominous feeling.

 

Don't feel dread, get read...y. Get ready. GDPR doesn't have to be painful, but it's also safe to say it can't be a one-size-fits-all solution. What you need to do is get yourself a plan. Plans solve problems, prevent breakdowns in communication, and (most importantly) cover you, your community, and your company's **bleep** in the scenario that you do eventually come across a request to be forgotten, or a request for data portability.

 

Oh, yeah, those. If you're catching up on the Geedz (pronounced "jeedz" - it's something only I call GDPR, but feel free to help it catch on), the General Data Protection Regulation entitles European Union citizens to certain rights with their data. Of which, thinks like the right to be forgotten and the right to data portability are covered.

 

Now, in the words of any good Texan, "I ain't got no legal expertise, so y'all will want to consult yer company legal teams on this."

 

To me, there are a couple of steps you can go through to make this easier than starting from scratch:

 

  1. Meet with your company's legal team. They're busy people, but they'll appreciate you being proactive about this. As with all laws, GDPR is up to interpretation. Some companies will opt to read the law in its strictest form, some may be a little lax. Your legal team will be able to give you guidance as to how your company will comply.
  2. Complete a discovery and write everything down. What systems are you using? What private information do those systems capture and store?
  3. Educate yourself on how Lithium is helping us prepare in their ongoing development of the Lithium JX product. Here's a thread with some details.
  4. Make a plan. Given how your company wants to comply with GDPR, what systems you're using, and what information those systems have, how are you going to comply with the various facets of GDPR? If you want an example of a plan, I posted mine here for you.
  5. I guess you can party, at this point.

 

I know this isn't migration-related, but I hate seeing y'all suffer. Welcome to 'compliance'!

Ben Garves
THWACK Community
SolarWinds
About the Author
My name is Ben Garves. I'm a Senior Product Manager at SolarWinds, overseeing the success of our THWACK online community for IT professionals. We're a 150,000-member external community, currently on the Lithium JX platform.