No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

How Autodesk Applied an Innovative Approach to Data Integration to Maintain GDPR Compliance

Using Data Virtualization to Get Ahead of the General Data Protection Regulation

by Saptarshi Sengupta
March 28, 2019
in Data Privacy, Featured
GDPR shield and EU stars in businessman's hand

Meeting the stringent requirements of the GDPR is no easy feat. Denodo’s Saptarshi Sengupta discusses how a leading organization approached the challenge – and achieved significant time and expense in the process.

While the looming deadline for the European Union’s General Data Protection Regulation (GDPR) of May 2018 has come and gone, global organizations, like Autodesk – one of the biggest names in worldwide 3D CAD design, have either adapted well and are in compliance or are racking up some serious violation penalties. In late 2017, Forrester’s report “Predictions 2018: A Year of Reckoning” estimated that 80 percent of firms affected by the GDPR would not be able to comply with the regulation by the deadline, and of those noncompliant firms, 50 percent would intentionally not do so. Whether your organization has already found the right mix of technology and processes or you’re still looking for the right path to GDPR nirvana, establishing and maintaining compliance is no easy feat and requires an innovative approach to ensure success.

While many organizations seemed to be in reactive mode when it came to achieving GDPR compliance, Autodesk considered it an incentive for stimulating innovation without sacrificing revenue goals. Autodesk’s quest for GDPR compliance actually fueled improvements through new perspectives and approaches to solving problems, which led to new paradigms in best-case scenarios. “Privacy by design,” for example, is an information strategy that was formed as part of GDPR to incorporate data privacy in systems and processes as they are being developed or revised.

This approach, which is mandated by the GDPR for new projects, necessitates investing in data privacy up front. This method is often used based on the belief that such an investment will 1) pay off overall via customer loyalty and 2) avoid costs associated with penalties and rework to retrofit systems and processes to accommodate future personal data privacy rules. It also provides the opportunity to “design in” the flexibility necessary to accommodate future clarifications and changes to the GDPR.

However, achieving a holistic view of GDPR-related data is challenging given the fragmented data ecosystem comprised of diverse data sources. Autodesk leveraged existing data virtualization technology and its logical data warehouse model to help prepare the organization to meet the stringent GDPR requirements.

Using data virtualization, Autodesk Platform Lead Kurt Jackson created a layer of abstraction between data consumers and data sources, making it possible to leave all source data exactly where it is and establish a virtual view for accessing all compliance-related information. After selecting its data virtualization solution, they were able to both avoid data movement by logically consolidating all the data and ensure data privacy by design, a key requirement for GDPR compliance. This also allows Autodesk to support data cataloging as well as search and discovery of both data and metadata and provide a mechanism to centrally audit and glean lineage of sensitive data.

Autodesk had already successfully deployed data virtualization technology to help establish an agile business intelligence 2.0 architecture with a logical data warehouse at its core to create a single, unified enterprise access point for its changing business models. With the system up and running and already delivering ROI, the team discovered they could apply the same technology to help various Autodesk business teams plan, develop and maintain a GDPR solution. However, the challenge was for Kurt to help the business teams realize that the right technology for the GDPR solution was already available within the organization and then ensure they leveraged the technology for the optimum outcome.

What came as a surprise was that the data virtualization team didn’t know that other business teams within Autodesk were already working toward meeting the GDPR requirements and the associated deadline of May 2018. It was also discovered that a potential solution – already in process with the business teams – called for 12 full-time staff to be put in place to research proper handling of the 10,000+ “delete requests” from its more than 2 million active accounts. These were jobs that would do no more than collect and provide data to other members to take action.

The business teams didn’t know Autodesk was already using data virtualization technology for a logical data warehouse. Kurt and the data virtualization team reached out to the business teams and volunteered to handle triage of all incoming “delete” requests from customers. But when it was discovered the planned approach called for dedicated, new, full-time staff to field the requests, research the account and then provide the information to other teams and systems to handle deletion in all appropriate source systems, all teams quickly realized they already had the right technology and a better solution: data virtualization.

Just as Autodesk leverages data virtualization for its logical data warehouse, they realized they could do the same for their GDPR solution. Autodesk knew the GDPR challenges were the same: get disparate, numerous source systems and models that don’t talk to or integrate with each other to come together virtually. In the case of GDPR, the data virtualization platform brought together 104 different objects over 11 different data systems all through a single web service. The team started the project in February 2018 and was finished by the end of April with only two individuals handling the coding.

Autodesk can now process a single request in only 20 seconds, whereas the planned solution called for manual intervention that took humans 480 seconds per request. Leveraging data virtualization, Autodesk eliminated the need for 12 full-time staff and designed and implemented its GDPR solution in only three months with only two individuals coding. With more than 10,000 delete requests per month and potential fines of 4 percent of revenue for customer privacy violations, Autodesk was able to meet all GDPR requirements and save the company significant resource time and budget in the process.


Tags: GDPR
Previous Post

An Interview with Louis Sapirman, Senior Compliance & Ethics Leader

Next Post

Disruptive Innovation Tops List of Threats to Companies – Is Your Organization Thinking and Acting Digital?

Saptarshi Sengupta

Saptarshi Sengupta

Saptarshi Sengupta is a Principal Product Marketing Manager at Denodo, a provider of data virtualization software. For more information visit https://www.denodo.com or follow on Twitter at @denodo.

Related Posts

origami tiger

Paper Tigers Won’t Protect You: The Reality of Effective NIS2 Compliance

by Hans Kayaert
March 24, 2025

Why Belgium's early adoption model could prevent another round of ‘compliance theater’ across Europe

examining data on laptop screen

Privacy Rights Surge Forces Rethink of Data Management

by Gal Ringel
March 14, 2025

As global privacy regulations multiply, organizations face mounting pressure to efficiently respond to data subject requests amid complex data environments

gdpr website screenshot

In the World of JavaScript, GDPR Consent Forms Merely Scratching the Surface

by Rui Ribeiro
December 16, 2024

Consent forms alone don’t mean much when consumers are so tired of checking boxes they don’t even read the policies

us map black and white

Minnesota Latest State to OK Consumer Data Privacy Law

by Amanda Novak
August 26, 2024

Measure set to go into effect for most covered entities next summer

Next Post
plane flying across other planes' contrails

Disruptive Innovation Tops List of Threats to Companies – Is Your Organization Thinking and Acting Digital?

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights