Mainframe Blog

GDPR – Some data recovery implications (part 2)

Phil Grainger
3 minute read
Phil Grainger

Let’s look at ways that BMC Software’s Recovery Solutions for Db2 and IMS help you not only comply with GDPR, but also ensure that your business stays out of the news for all the wrong reasons.

The regulations say that companies must be able to:

…. restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.


  • The restoration of data and access to it must be completed in a “timely” manner. Timely is not specifically defined, but you can read as meaning “as quickly as technically possible.”
  • The data must be recoverable after ANY physical OR technical incident.

Many companies believe that their disaster recovery plan with disk mirroring will suffice, but it’s likely to be insufficient for a number of reasons:

  • Any changes made to the original data will immediately be reflected in a change at the mirror. Thus an accidental (or malicious) deletion or update of data will itself be mirrored, and the mirror backup becomes useless as a recovery mechanism. If this is your ONLY backup, then you will not be able to recover the data at all.
  • A catastrophic data loss of the kind that mirroring is ideally placed to protect is by far the least likely event to occur. Human error, sabotage, or plain stupidity are all far more likely to be the source of your data recovery challenges.

To fully comply with GDPR’s insistence on timely recovery from any eventuality, companies will need flexible recovery plans to react to any data corruption/loss event. This means a software recovery solution because only a software-based strategy can give you total flexibility, including the ability to refine the strategy should you ever have to perform a recovery for real.

BMC provides the fastest utilities available for both securing backups and performing data recoveries – the latter ensuring that your company complies with the “timeliness” directive of GDPR. Your own auditors will define what “timely” means for your company, but you are going to need to restore access to the data as fast as possible.

BMC has you covered with:

  • A software-based recovery solution enabling data to be recovered no matter what the originating incident.
  • Creation of all the steps necessary to perform that recovery, eliminating the “think” time that will slow down recovery efforts.
  • The fastest recovery tools on the market for both Db2 and IMS.

Remember, GDPR comes with sanctions. Failure to comply with GDPR can ultimately result in a fine of up to 4% of annual GLOBAL REVENUE, or €20 MILLION, whichever is the HIGHER (and at today’s exchange rates, that latter figure is a little over $22 million!). So a small investment in the right tools can have a big impact to preserving your company’s bottom line.

Next time, I will look at the GDPR requirement to continually demonstrate compliance with data availability and recoverability. Continued testing and validation must be performed to ensure that changes do not compromise compliance. Of course, it goes without saying that BMC has your back there as well.

In the meantime, for those of you who are impatient to get started, please visit our GDPR page on the BMC website at

Dummies Guide to Security Operations

When security and operations teams collaborate closely, they can protect your business more effectively against all kinds of threats. Learn more in the SecOps For Dummies guide.
Download Now ›

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

See an error or have a suggestion? Please let us know by emailing

About the author

Phil Grainger

Phil Grainger

Phil has 30 years experience of Db2, starting work long ago in 1987 with Db2 Version 1.2. Since then he has worked with all versions, including Db2 12.

From his beginnings as a Db2 DBA for one of the largest users of Db2 at that time in the UK, through his time at PLATINUM technology, his almost 10 years as Senior Principal Product Manager at CA and through to his current position with BMC Software, Phil has always been a keen supporter of user groups and is a regular speaker at both vendor sponsored and independent events. His work with IDUG includes being a past member of the European IDUG Planning Committee, an inductee into the IDUG Volunteer Hall of Fame and now Board Liaison for BMC Software

Phil has been honoured by IBM as an Analytics Champion from 2009 to 2017

Phil is now Lead Product Manager at BMC Software working in support of their Db2 tools portfolio

In addition, Phil is a regular contributor to the IDUG sponsored
Db2-L discussion list