Records and data management in times of new data protection and privacy standards, legal hold and retention schedules

With the increasing regulatory and operational requirements to manage and maintain data, it is important to ask yourself where you stand in your records management journey.

The following questions (not an exhaustive list) will help you to find out your current status: 

  • What personal data do we process, and in which applications and systems?
  • Do we know where data are stored within the organisation?
  • Do we know what data we archive? Do we ensure that archived data are no longer stored in applications?
  • Do we have automated deletion capabilities for adhering to retention periods? Have we considered legal hold?
  • Do we have a deletion capability for applications, archives and storage units,  for adhering to data subject rights and data protection officer requests?

Records and data management has always been an important topic for companies, i.e. ensuring adherence to legal hold when management of data has been a key element of the operational day-to-day business.

Today, with the expected revision of the Swiss Federal Act on Data Protection (FADP) and EU ePrivacy and EU GDPR, there are more requirements regarding the management of data. Following implementation of the EU-GDPR legislation, deletion and data identification have become central issues. Understanding what data a company processes and how data are maintained, and being able to identify and delete data, are key for efficiency as well as for compliance going forward. 

Post GDPR, it is important not to limit records and data management to personal data only. It is a journey for structured and unstructured data.

Legal hold, efficient data identification/data retrieval capabilities and automated deletion mechanisms are new and existing requirements that set a new standard of records management for today and the future… are you equipped to manage?

For more information on records and data management and to see how PwC can support you. 

Click here

We thank Ilir Rexhepi for his contribution to this report.

 

Contact us

Patrick Akiki

Patrick Akiki

Partner, Financial Services Advisory (Finance Risk and Regulatory Transformation), PwC Switzerland

Tel: +41 58 792 25 19

Angela Carpintieri

Angela Carpintieri

Advisory Director, Data and analytics, PwC Switzerland

Tel: +41 58 792 16 20

Morris Naqib

Morris Naqib

Director, Finance Risk and Regulatory Transformation, PwC Switzerland

Tel: +41 58 792 42 83

Florian Estoppey

Florian Estoppey

Artificial Intelligence & Automation, PwC Switzerland

Tel: +41 58 792 75 93

Gabriel Jufer

Gabriel Jufer

Manager, Artificial Intelligence & Automation, PwC Switzerland

Tel: +41 79 738 99 55