Working with MDMP

Use a Metadata Service Provider (MSP) like Factern to capture and store the metadata that you need to implement strong data governance:

  • Map the location of all Personally Identifiable Information (PII)
  • Describe business policy and permissioning models used to govern access to that data
  • Record consent in an independent, verifiable and auditable way
  • Track all activity related to data access as a complete audit trail

Integrate systems with MSP to enable them to reference data held on other systems within your organisation, by drawing on the metadata stored on the Fact Table:

  • Reduce unnecessary duplicate copies of the same data to optimise storage costs and data security
  • Create an internal market for attestation services to minimise duplication of due diligence efforts in the organisation
  • Demonstrate compliance with "privacy by design"

Develop interface that gives the customer (as data owner) the ability to access and manage the data that you host on their behalf:

  • 'Privacy statement' that summarises existing PII, consents given, etc.
  • Mechanism for capturing and updating consent
  • Channel for request and resolution of Subject Access Requests

Use MSP to increase connectivity with third party service providers

  • Implementation of Portability Requests
  • Channel for distribution of services (e.g. attestation) to third party service providers

For more information, read Oliver Wyman's point-of-view paper "Future Proofing Privacy".