Legislators and regulatory institutions expect companies to ensure the fulfillment of the data subjects’ rights granted by the data privacy law.

More so, they expect them to do that within the statutory deadline or risk possible fine.

The GDPR is trying to give individuals control over their personal information. But how to give back control over the data if the company itself does not know where data is, or it does not know which data relates to which specific data subject?

Individuals’ personal data is scattered across multiple systems, making it hard to detect and identify at the data subjects’ request.

Therefore, failing to demonstrate GDPR compliance. Data Privacy Manager MDM edition provides a single business user interface to data privacy and data protection experts, serving as a central place for GDPR day-to-day operations and audits.

The idea behind the product is to provide a tool for GDPR process automation and orchestration, a DPO control center, and a marketing tool without storing personal data in another database.

It allows organizations to use the Informatica Master Data Management hub to maintain the “golden record” of the data subject with correct and up-to-date personal information and provide DPO with a searchable interface to monitor GDPR compliance. This is Data protection (and  Privacy) by design and default at it’s best.

Data Privacy Manager– DPM Informatica MDM Edition was created together with the experts from Informatica Corporation as an integrated product, including Data Privacy Manager and Informatica Master Data Management Multidomain platform*.

Offensive and Defensive GDPR strategy

When it comes to the GDPR compliance journey, we have seen Organizations taking a defensive position and doing the bare minimum around privacy policies, contracts, and documentation.

But we have also seen a number of Organizations trying to take an offensive position, being in control of personal data for the sake of the business and using personal data respectfully to create new insights and new business models.

It is now obvious that there is no such thing as a minimum GDPR compliance. Organizations are either compliant with GDPR principles or they are not. The lawful basis for processing is either clearly defined and documented or personal data are being processed illegally.

They are either fulfilling the data subjects’ rights in a timely manner or they are at the risk of a lawsuit, reputational damage, or losing a customer.

Their marketing department is creating marketing campaigns using only data with proper consents or they are spamming their customers and potential customers. It has also become obvious that trust is the next big thing Organizations will have to compete for.

Data Privacy Manager enforces the maintenance of:

  • Records of processing activities,
  • Data retention policies execution,
  • Timely fulfillment of data subject rights and
  • Minimization of data breach risk.

Together with Informatica MDM, it provides much more than “minimum GDPR compliance”, it provides Organizations with a means to be more data-driven and Customer-centric.

Data Privacy Manager – Master Data Management edition, allows Organizations to know exactly where personal data is stored and processed, who is responsible, what is the purpose of data processing, and most importantly, which data belongs to the same data subject.

The latter demands a functional master data management system and it is why we have collaborated with Informatica Corporation and created an integrated product to cover the GDPR processes and policies management, personal data management, and integration with other systems.

 

LAWFUL BASIS FOR PROCESSING EXAMPLE

* Informatica Master Data Management Multidomain platform includes MDM functionalities limited to data subject privacy management. However, the usage can be extended to full Customer or other domains (e.g. Product, Distributor) at any time.

Read the blog: GDPR Requirements for Compliant Data Removal