Search
Close this search box.
AI-based solution designed to automate personal data discovery and classification
Discover personal data across multiple systems in the cloud or on-premise
Harbor cooperation between DPO, Legal Services, IT and Marketing
Turn data subject request into an automated workflow with a clear insight into data every step of the way
Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation
Guide your partners trough vendor management process workflow
Identifying the risk from the point of view of Data Subject
Quickly respond, mitigate damage and maintain compliance
Consolidate your data and prioritize your relationship with customers
Privacy portal allows customers to communicate their requests and preferences at any time
Introducing end-to end automation of personal data removal

Latest Blog posts

Learn the terms

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

6 Steps to Explain GDPR to Your IT

6 Steps to Explain GDPR to Your IT

It is difficult to explain the General Data Protection Regulation (GDPR) in just a few words. Things can get complicated if you need to explain it to one of the potential stakeholders in the company, like IT.

By now, you’ve realized that this collaboration will be crucial for fulfilling GDPR requirements, and you will need support from your IT department.

If you have already tried establishing a communication channel with IT, you might encounter IT experts who are interested in the privacy program and are happy to help.

However, more often, IT departments are busy with other projects, and in that case, you may encounter a bit of pushback from the IT department considering compliance projects less important and exciting.

Whatever the case is, the collaboration between DPO and IT is essential.

The fact that you are still reading this means you want to learn how to collaborate better and communicate with your IT colleagues.

You might be wondering, “OK, but how?” I know you are eager to find out, so we will waste no more time.

1. Understand the IT point of view

We all know that there is a lot of pressure on IT professionals. Companies depend on IT systems, which their employees use in almost every business process, from e-mail clients to various CRMs, ERPs, Websites, Mobile Apps, Analytical tools, Backup Systems, and many more.

The IT department is responsible for the flawless operation of all these segments.

There are big expectations for constant innovations, introducing new systems, and updating existing ones. At the same time, there is a significant lack of IT experts. Over 1,500 Chief Information Officers agree there’s a deficit, which means massive demand for those with the right skills.

Therefore, there is a big chance that the IT department in your company is understaffed, which is something you can relate to as a Data Protection Officer.

2. Make sure you are speaking the same language

You are an expert in Data Privacy and a master of the GDPR terminology. Use your GDPR knowledge to educate your team.

On the other hand, your IT colleagues may find terms like Data Subject, Data Processor, Processing Activity, and Data Retention intimidating. Even the term GDPR, mentioned many times in mainstream media, is not something the general public has comprehensive knowledge of.

Make a bridge by preparing a glossary with the most important terms and call a meeting where you can explain the goal of your project and ask probing questions to make sure everybody understands the terminology and the importance of the compliance program.

3. Create urgency

As said earlier, the IT department is flooded with everyday tasks for maintenance, and there is a neverending list of requests for new development.

The real question is, where are those requests coming from? Who makes the priorities? By now, you probably know the answer – the business!

It is your job to create urgency about the GDPR project!

Getting the sponsorship and clear message „Engage!“ from the top management and the board is essential. If the GDPR project gets a higher priority and allocation of resources, you can be sure the IT department will do its best to support you.

To learn how to create support and urgency for your privacy program, download our: Guide for a Successful DPO

4. Set the lines of responsibility

Go over the Records of Processing Activities with your IT team. In the process, clearly define what you need from them and what they need to deliver. The usual start is to create a Data Processing Inventory, and discover personal data across IT systems.

If they know the background, it will be easier to reach the desired outcome. With other Activity Owners, define the data retention period for each processing activity.

Create realistic goals, and make sure everybody understands the expected level of cooperation and their place in this journey. IT needs to adjust systems to receive this information and act accordingly.

5. Actively collaborate on your GDPR project

Once you speak the same language, you have the sponsorship from the Board and clear lines of responsibility; it is time to get the work done.

You need to be present in the project.

The details of software integration are not your domain; the Data Privacy is.

Organize constant follow-ups and standup meetings with your IT. Ask your IT if they have all the inputs and ensure everything is clear. Ensure that vendors of the GDPR management software deliver what they promised.

Be involved in testing – the best way to get a look and feel of the future solution. It will keep you informed about the critical part of the project, and you can give some final inputs.

At the same time, you will show your IT colleagues that you care and want to help them deliver the best possible outcome.

6. Be persistent – it pays off

Keep asking what you need and keep demonstrating the value of your project.

GDPR compliance will help you avoid fines, but even more important is to gain customers’ trust with a transparent data privacy policy.

Don’t let GDPR be perceived as a financial burden; drive more focus on compliance, ROI, and related risks and benefits.

It is important to note that most organizations are seeing positive returns on their privacy investments, and more than 40% are seeing benefits at least twice that of their privacy spend.

Find out why companies invest in GDPR compliance to make solid arguments on the importance of compliance and accountability.

Request a Data Privacy Manager demo

Let us navigate you through the Data Privacy Manager solution and showcase functionalities that will help you overcome your compliance challenges.

Scroll to Top