Data Discovery and Workflow Automation — The DataGrail Difference for Privacy Compliance
Debjit Mukerji, Partner at Next47
Personal data is becoming less private than ever before. In our rapidly digitalizing world, businesses are collecting information on individuals at an ever-accelerating pace. With global privacy regulation on the rise, these companies need more help than ever in maintaining compliance and securing public trust. Today, we’re excited to announce Next47’s investment in DataGrail, a differentiated software platform designed to offer just that.
Virtually every modern enterprise gathers, archives and processes data on their customers, employees and affiliates for internal use — and frequently packages it up for sharing with, or selling to, third parties. As these practices have gained momentum, digital trust has eroded. According to McKinsey, over 70% of consumers would avoid engaging with companies with whom they have security concerns. A majority do not trust enterprise data privacy practices, in any industry — even those considered inherently more secure such as finance and healthcare.
To put power back in the hands of consumers, governments have stepped in and ramped legal protections. GDPR in Europe is just the beginning, not the end of the story: in just the next two years Gartner expects 65% of the world’s population to be covered under modern privacy regulations, up from just 10% at the end of 2019. In the US, California has taken the lead with CCPA (soon to be replaced with CPRA), Virginia recently passed a comprehensive bill and nearly a dozen other states are following closely. Many experts believe that a federal data privacy framework is just a few years away.
With new privacy laws in place and more on the horizon, both B2C and B2B enterprises of all sizes are under pressure to meet the compliance challenges of today and tomorrow. They must respond within weeks to data subject requests (DSARs) — to access, delete, modify, stop sharing or selling personal information — for which they need on-demand capability. But they also need continuous compliance, maintaining personal data inventories and updating records of processing activities (ROPA) that chronicle how that information is used.
Here’s the problem: personal data are broadly defined and live across more locations and applications than ever before, with the explosion of cloud software and storage a key catalyst. With such fragmentation, managing privacy compliance can quickly turn into a tedious and expensive undertaking involving needle-in-the-haystack exercises with heavy manual effort and the coordination of various departments like sales, marketing, HR, and accounting. Most legal teams have neither the bandwidth nor technical expertise to keep up.
With these challenges in mind, we were amazed at how thoughtfully the team at DataGrail architected its solution. Led by CEO and co-founder Daniel Barber, DataGrail has created a unique, end-to-end software platform that automates privacy compliance for legal teams using intuitive interfaces — and sophisticated engineering under the surface.
That technical approach is based on one of DataGrail’s core principles: that the foundation of comprehensive compliance is continuous data discovery. The team has therefore designed a platform that deeply integrates with SaaS applications, data lakes and on-premise databases, leveraging a growing library of hundreds of pre-built connectors. Its secret sauce includes the ability to evaluate patterns and “detect” personal data living in IT systems that may otherwise have gone overlooked. Once found, those data sets are mapped out systematically.
By pre-discovering data and automating manual workflow steps, the DataGrail platform reduces response times from weeks to just a few hours, and the number of people involved from a couple of dozen in most cases to a single individual. For consumers, it allows frictionless management of consents, preferences and communications from centralized interfaces — helping enterprises create a superior data privacy experience for their customers.
What further impressed us is DataGrail’s exceptional speed in delivering value. Recognizing that no one has time for a complex implementation, the company offers no-code onboarding that gets enterprises up and running quickly. Once installed, the system automatically evolves with ever-shifting suites of software applications and data architectures.
Our global team at Next47 is excited to partner up with Daniel and his stellar team as DataGrail sets out on its next chapter of growth. With a platform that makes it easy for both enterprises and consumers to manage their respective needs, DataGrail is helping to create and restore the single most important element in the world of data privacy: trust.