The Key Elements of the GDPR

Melissa IN Team | GDPR | , , ,

GDPR Elements
Twenty years ago, when a customer bought a new pair of shoes, the only information given to the vendor was his or her shoe size. Today, most people shop online. Now, when a pair of shoes is bought online, the seller gets access to the customer’s name, address, phone number, email address, and credit card number in addition to their shoe size. That’s a lot of data.

As the amount of information about customers held by a firm increases, so does the organization’s responsibility for its ethical use. The General Data Protection Regulation (GDPR) is a set of regulations designed to protect personal data from misuse.

Key Elements of GDPR

The GDPR aims at protecting people’s fundamental rights with respect to their personal information. It is applicable to personal data that is processed completely or in part by automated means or data that is part of a filing system. These regulations are described in the form of 99 articles. The key elements of these articles are:


Under the new legislation, brands cannot collect or use personal information unless the customer gives consent for the same. Organizations will need to be able to show how and when they obtained this consent.

Right to be informed

When organizations collect data, they must inform consumers about why they are collecting this data, how it will be used and for how long it will be stored. Consumers also need to be informed of whether or not the information they provide will be shared internationally.

Right of access
Individuals have the right to ask for information on how the data provided by them are being used and processed by the organization. This information must be provided free of charge within one month of a request being made. However, a fee may be charged if the request is repetitive or unfounded.

Right to rectification

It might happen that a customer’s information held by a company is inaccurate. In such cases, the customer has the right to ask the company to make changes to the data in order to correct the inaccuracy. These changes must be made at the earliest.

Right to erasure

Customers can withdraw consent by closing their accounts and request organizations to stop using their personal data. Businesses and organizations will have one month from the time an account is closed to erase all private data associated with the account. Exceptions may be made when the data is being used to serve public interests.

Right to restrict processing

If a consumer believes that data about them has been procured unlawfully or if the data is inaccurate, they have the right to block its usage. The organizations holding this data will have to verify the data and inform the individual of the same.

Right to object

Under GDPR if individuals ask whether their personal data is being used to benefit public interests or for any other reasons, organizations are under obligation to give reasons for the same. They may also restrict the processing of their data for activities such as direct marketing.

Controller and Processor

GDPR defines a controller as the principal entity responsible for obtaining and managing consent with respect to the collection and storage of an individual’s data. The authority or person who processes this data is known as the processor. The controller and processor must maintain detailed records of the data held by them. GDPR also lays down clauses on how the relationship between these two entities must be constructed.

Data Protection Officer (DPO)

Organizations that collect data from their customers must have a DPO. The DPO will act as an advisor to the processor and controller, monitor GDPR compliance and train staff on how the data gathered from customers must be processed to be compliant with GDPR norms.

Notification of a data breach

Despite a company’s best efforts, a security breach may still occur. If this leads to the unlawful or accidental destruction, alteration or loss of personal data, the company must inform the appropriate supervisory authority of the same within 72 hours. Similarly, appropriate authorities must be informed if personal data is accessed or transmitted through unauthorized means.

If a company collects and stores personal data but does not comply with the GDPR regulations, they may face stiff fines and penalties. Thus, unless a brand wants to be in the news for the wrong reasons, compliance with GDPR is necessary. GDPR marks a shift in rights over individual data and hands power back to customers. That said, it is interesting to note that people aren’t uncomfortable with sharing their personal data with trustworthy brands. Compliance with GDPR can, in fact, enhance their buying experience and thus lead to longer-lasting relationships.

Data Quality? That’s not in my job description!

Melissa UK Team | Big Data, Data Cleansing, Data Enhancement, Data Enrichment, Data Management, Data Matching, Data Quality, United Kingdom | ,

It may not be explicitly stated but ensuring your company has good quality data is part of your job role. Why? Because all of us depend on data to do our work and if this data contains errors, it makes your job more complicated.

What would I need to do?

You need to advocate for data quality.

When you come across data errors, your natural reaction is one of two things – correct the error or ignore the error because it is time consuming and a waste of your time to find and fix every data related flaw in the system.

Whilst this is true, your work is likely to depend on the data that your systems hold and without this data, your job becomes nearly impossible or extremely complicated. Unless you like long nights and high doses of over time, we suggest that you speak out for data quality.

As we’ve established before, finding and fixing every single data error in the system is time consuming and expensive. It is also a total waste of time as data can change on a regular basis meaning that there is no value in doing this. A popular solution would be then to prevent errors at their source which reduces the need to find and fix data errors – this addresses data in a more proactive manner.

As an individual and as part of a team, you can prevent bad data from entering into your systems by verifying data inputted, by ensuring that databases are regularly monitored and updated and by actively communicating about bad data. If every person in a company were to follow these simple steps, data related costs would dramatically decrease and the customer experience would be dramatically enhanced.

There must be an easier way to do this!

You’re right – it is just as time consuming to let employees handle and manage data. Systems can be put into place to ensure that all data held is verified and up to date as well as to remove bad data and duplicate data. But the truth is, most companies still don’t know how to manage their data. They have plenty ideas about what they could do but prefer to sit on the side lines adopting a reactive manner. It is your job to speak out about data quality and push your company into a proactive state. What does this mean? Forcing your company to adapt a strategy which allows them to better manage their data and thus, benefit from a data driven competitive advantage.

Driving data quality within a company starts from the bottom – it requires individuals to raise their voices and voice their concerns.

Want to find out more? The Melissa team is happy to speak to you about our data management services – feel free to contact the team on 020 7718 0070 or via email at

If you are interested in continuing the conversation, please connect with us on Twitter.

Fintech Connect – Excel, London

Melissa UK Team | Global ID Verification, News & Events, United Kingdom | , , , , , , ,

Fintech Connect is coming up next week and as we prepare for the show, we thought we would come to our blog to let attendees know what to expect from the team. This will be our second time at the event and as a leading fintech event, there will be a number of players in the fintech ecosystem attending the event to view the latest innovations changing the fact of the sector, so we’re looking forward to meeting everyone. For more information in regards to the event, you can visit the official website here.

The Melissa team will be there for both days at Stand C3 where we’ll be providing demos of our services. In particular, we’ll be talking all things identity at the event focusing on our ID verification solution – this comprehensive tool, that is easily and quickly integrated, enables financial service providers such as fintech and banking institutions, insurance providers and money transfer companies to eliminate billions of pounds in losses, streamline and accelerate compliance, and exceed customer expectations for speedy transactions and simplified onboarding.

Our ID verification solution is fully compliant to all major regulations and performs identity resolution with capabilities such as national ID, age, and full contact data verification, data enrichment, and watchlist screening.

One of the newest features include fast and uniquely effective onboarding, based on dynamic Optical Character Recognition (OCR) and proprietary biometric facial recognition. Print information is quickly extracted to digital format, while customers are authenticated as living and present. Additionally, powerful entity matching capabilities consolidate diverse data sources to ensure the most accurate single customer view (SCV) and uncover hidden relationships in customer data.

In addition to technology demos, we will be sharing customer success stories, featuring insight on how Metabank and car2go have utilised global verification services to protect against fraudulent identities and reduce cost. There will also be a special offer for Fintech Connect attendees, so remember to swing by the stand and take advantage of that!

If you’re attending Fintech Connect and want to set up a 1-to-1 with the team, you can register your details here and one of our team will get back to you to arrange a time!

Key Information:

Fintech Connect 2019

Excel London

5th – 6th December 2019

Melissa Global Intelligence: Stand C3

Don’t forget to follow us on Twitter where we provide daily updates about the London team as well as discuss our products and answer FAQs! We’ll also be live tweeting from the event so get involved if you can and we’ll see you there!

Melissa Drives Secure Healthcare Data with Compliant, On-Premise Tools

Melissa Team | Data Cleansing, Data Integration, Data Management, Data Quality, Healthcare Data Management, HIPAA, News & Events, Product Launch, Street Route, Unison | , , , , , , , , , , , , ,

Certified for Privacy and Security, Melissa’s Smart Data Quality Suite Accelerates Patient Onboarding and Routing to Physicians

Rancho Santa Margarita, CALIF – September 26, 2018 – Melissa, a leading provider of global contact data quality and identity verification solutions, today announced identity management and verification tools purpose-built to meet healthcare customers’ data processing, support, and security needs worldwide. Certified compliant to SOC2, HIPAA, and HITECH industry regulations, Melissa’s Unison data quality platform and other data verification APIs can be deployed on-premise to ensure sensitive patient data never leaves the organization. Solutions are scalable and flexible to support all types of healthcare groups and agencies, helping providers and their end-users reduce costs, increase efficiency in managing private patient data, and improve the patient experience.

One Fortune 500 customer integrates Melissa geocoding in its healthcare administration platforms to provide distance calculations, needed in determining the nearest options for assigning primary care physicians to patients. Other uses include optimizing route planning for emergency response, enabling hospitals and first responders to calculate the most accurate distance and travel time to patients’ homes or emergency shelters.

“Our healthcare customers are empowered with secure identity and address management, and many see additional value from sophisticated tools they may not have been able to access before. For example, only viable addresses enter their systems, optimizing customer records as well as reducing costs for invalid, returned mail,” said Bud Walker, vice president, enterprise sales and strategy, Melissa. “These are business tools that are truly optimized to meet the needs of global providers. Attention to security and regulatory compliance is our priority, even while we’re able to integrate processes quickly and remain flexible to diverse data needs.”

Melissa’s healthcare customer base includes some of the largest providers worldwide, tapping into data excellence to drive specialized products and services for a broad spectrum of healthcare end-users. Click here for greater insight on Melissa’s Unison data quality platform. To connect with members of Melissa’s global intelligence team, visit or call 1-800-MELISSA.

Get in the Contact Zone

Blog Administrator | Analyzing Data, Analyzing Data Quality, Data Integration, Data Management, Data Quality, Data Steward, ETL, Global Data Quality | , , , ,

If you’re
looking for that perfect all-in-one solution that combines the power of easy
integration and Melissa’s full spectrum of data quality solutions, then you
need to get in the Zone – The
Contact Zone®.

Zone employs all the customer data management tools you’ll need to help provide
consistent, trusted, accurate data across the enterprise – all in one single
platform for effortless integration. 

Plus, it’s powered by Pentaho®
Data Integration (PDI), which gives Contact Zone a simple, graphical user
interface, dynamic templates, administrative features, and so much more.
Collect data from any source, cleanse and transform it, and gain immediate
insight for meaningful use.