AITech Interview with Maricela Lechuga, Legal Counsel, Data Privacy Lead at Denodo

Bridging enterprise calls for with shopper rights. Expert insights on securing knowledge, navigating international compliance, and adapting to the AI revolution.

Maricela, you focus on knowledge privateness and governance at Denodo. What initially drew you to this subject, and the way has your function advanced as rules and applied sciences proceed to alter?

For me knowledge privateness is a captivating cross between assembly the wants of the enterprise and defending the rights of customers. Its origins could be traced again to the 1948 Universal Declaration of Human Rights (UDHR), which declared the correct to privateness as a basic human proper. While present know-how has wildly surpassed current privateness legal guidelines, I nonetheless discover the sector to be considerably futuristic and ever increasing. As rules and know-how proceed to develop and evolve, so does the character of the work. There’s an rising want for privateness professionals with not solely the flexibility to learn and interpret rules, however the capability to interpret rules into actionable subsequent steps, talk wants, and efficiently implement new processes by way of collaboration and stakeholder engagement. It’s plenty of coordination and alter administration, which I really like.   

With knowledge breaches turning into extra frequent and regulatory pressures rising, what are essentially the most urgent challenges organizations face in managing knowledge privateness and governance at this time?

Artificial intelligence and its related rules, that are nonetheless shaping out, have added complexity to the already current advanced nature of managing knowledge privateness, safety, and governance notably in multi-cloud and hybrid environments. Ironically, AI and Retrieval Augmented Generation (RAG) know-how can be a part of the answer, as I’ll talk about under. 

Data virtualization is a game-changer for enterprises. How does Denodo’s strategy to knowledge governance differ from conventional knowledge administration options?

Denodo’s knowledge virtualization revolutionizes knowledge governance by shifting from bodily knowledge replication to a logical, centralized layer. Unlike conventional strategies with scattered insurance policies and complicated ETL processes, Denodo applies governance at this digital layer, enabling streamlined coverage enforcement, elevated accuracy, enhanced safety with fine-grained controls, complete knowledge lineage monitoring, and evaluation of dynamic knowledge whatever the supply or cloud migration processes. In abstract, Denodo helps prospects keep away from the pitfalls of conventional knowledge administration, empowering them to confidently leverage their knowledge—their Most worthy asset—for vital selections in a continually evolving knowledge panorama. 

The energy of the Denodo Platform is additional augmented when mixed with generative AI (GenAI) options of its personal, akin to the flexibility to question all knowledge in human pure language, in order that anyone working in a authorities group with the suitable authorization can conduct knowledge evaluation in actual time without having to make use of knowledge engineering abilities. This multi-faceted strategy permits organizations to leverage each their static historic knowledge in addition to “dynamic” knowledge being up to date in actual time, as is typical in real-time analytics use circumstances akin to menace detection. 

One of the largest issues round knowledge governance is balancing accessibility with safety. How does Denodo be sure that organizations can unlock enterprise insights whereas sustaining strict compliance?

Denodo Platform affords privateness and safety features like fine-grained entry management, knowledge de-identification, and knowledge utilization monitoring. Moreover, it streamlines the safe and environment friendly implementation of Retrieval Augmented Generation (RAG), the present finest follow for offering LLMs with correct, up-to-date knowledge throughout all related sources, thereby aiding compliance with evolving AI governance frameworks centered on transparency and accuracy.

Compliance with GDPR, CCPA, and HIPAA is a precedence for companies working throughout a number of areas. How does Denodo assist organizations navigate these advanced regulatory landscapes?

Denodo assists organizations in navigating advanced regulatory landscapes like GDPR, CCPA, and HIPAA by way of a number of key options. Its platform facilitates privateness compliance necessities, together with Data Subject Access Requests (DSARs) and consent administration, by offering a unified view and management over disparate knowledge sources. Regarding GDPR’s worldwide knowledge switch issues, Denodo’s knowledge virtualization can decrease knowledge motion by enabling entry and evaluation in place, lowering the necessity for bodily transfers. For HIPAA compliance, deploying Denodo on-premises ensures that the group, not Denodo, is the Business Associate, and granular, role-based entry controls additional strengthen adherence to HIPAA’s safety necessities.

Role-based entry management and knowledge masking are vital in stopping unauthorized entry to delicate knowledge. How do these options inside Denodo’s platform strengthen knowledge safety?

Denodo strengthens knowledge safety by way of its sturdy role-based entry management (RBAC) and knowledge masking options. 

First, RBAC permits for granular permission administration, enabling directors to outline roles and assign particular entry rights to the information. This helps prospects tailor entry to particular roles and cling to insurance policies. 

Complementing RBAC, Denodo’s knowledge masking capabilities are utilized by prospects to guard delicate data. Through this function they’ll obscure or change delicate knowledge with practical however fictitious values. This dynamic masking functionality, mixed with RBAC, can create a strong safety framework that not solely limits entry but in addition safeguards knowledge when accessed at a company. 

Hybrid and multi-cloud environments add one other layer of complexity to knowledge governance. What methods ought to organizations undertake to take care of management over their knowledge throughout numerous infrastructures?

Navigating knowledge governance in hybrid and multi-cloud environments requires a strategic strategy, akin to that supplied by Denodo’s unified semantic layer, which permits organizations to implement constant safety insurance policies, handle knowledge lineage, and supply real-time entry to correct knowledge, thereby avoiding enterprise interruptions.

Real-time monitoring and auditing play a big function in proactive knowledge governance. How does Denodo equip companies with the instruments to detect and mitigate dangers earlier than they escalate?

Denodo empowers businesses by offering proactive data governance enhancing features such as real-time monitoring and comprehensive auditing. Through the Denodo Platform prospects can keep detailed audit logs, monitoring all knowledge entry and utilization, and allow configurable alerts for suspicious actions like unauthorized entry or uncommon question patterns. Data lineage monitoring permits organizations to hint knowledge origins and determine inconsistencies, whereas coverage enforcement and monitoring guarantee compliance throughout numerous environments. Centralized visibility throughout hybrid and multi-cloud programs simplifies danger detection, enabling companies to swiftly determine and mitigate potential points earlier than they come up. 

Many corporations battle with implementing a scalable knowledge governance framework. What are the important thing steps organizations ought to take to construct a powerful, future-proof knowledge privateness technique?

Start with the fundamentals. Don’t underestimate the significance of an information stock which is the muse for any knowledge governance program. Build off of the information stock and mature your knowledge privateness program by specializing in quantifying and enhancing the accuracy of the metrics. A robust privateness program might be higher capable of adapt to future wants and we’re already seeing this with AI. Organizations with weak privateness governance will face higher challenges in establishing efficient AI governance.  

How do you see knowledge privateness and governance evolving within the subsequent few years, and what function will Denodo play in shaping that future?

Growing privateness legal guidelines all over the world implies that international governance goes to develop into extra advanced and nuanced. Manual compliance processes will develop into unmanageable and corporations might want to leverage know-how for full or partial automation and compliance. 

There can be an attention-grabbing development in direction of a extra egalitarian strategy to knowledge. This could be seen by way of newer privateness legal guidelines such because the Data Act and the Health Data Space Regulation within the EU, which search to make use of private knowledge saved by numerous firms and entities for the higher good. These legal guidelines create the authorized foundation i.e. the reliable curiosity for secondary makes use of of knowledge and the processing of non-public knowledge for various functions than what was initially collected. 

They create a path to innovation by way of sharing of non-public knowledge together with delicate well being data. Denodo permits entities topic to those rules to boost the bar by offering the technical capability to do the reporting with out compromising the correct to privateness. No must decrease the bar and create carve out exceptions that compromises privateness rights of knowledge topics set forth beneath GDPR, know-how just like the Denodo platform might help allow innovation with out compromising privateness rights set forth beneath the GDPR or decreasing the bar.  

A quote or recommendation from the writer: By failing to organize knowledge, corporations are making ready to fail (at AI). Chief Privacy Officers don’t want to decide on between compliance and innovation. The secret to unlocking AI’s full potential lies within the capability to operationalize fundamental privateness and safety rules.

Maricela Lechuga is an Associate Legal Counsel at Denodo. She can be an environmentalist who has advocated for a ban on the usage of lead-based gasoline in aviation. Her activism has taken her earlier than the US Congress the place she testified as a witness in a listening to held by the Subcommittee on the Environment.

The submit AITech Interview with Maricela Lechuga, Legal Counsel, Data Privacy Lead at Denodo first appeared on AI-Tech Park.