Legislators and regulatory institutions expect companies to ensure the fulfillment of data subjects rights granted by the data protection law.
More so, they expect them to do that within the statutory deadline or risk possible fine.
GDPR is trying to give individuals control over their personal information. But how to give back control over the data if the company itself does not know where data is, or it does not know which data relates to which specific data subject?
Individuals’ personal data is scattered across multiple systems, making it hard to detect and identify at the data subjects request. Therefore, failing to demonstrate GDPR compliance. Data Privacy Manager MDM edition provides a single business user interface to data privacy and data protection experts, serving as a central place for GDPR day-to-day operations and audits.
The idea behind the product is to provide a tool for GDPR process automation and orchestration, a DPO control center and marketing tool without storing personal data in another database.
It allows organizations to use Informatica Master Data Management hub to maintain the “golden record” of the data subject with correct and up-to-date personal information and provide DPO with a searchable interface to monitor GDPR compliance. This is Data protection (and Privacy) by design and default at it’s best.
Data Privacy Manager– DPM Informatica MDM Edition was created together with the experts from Informatica Corporation as an integrated product including Data Privacy Manager and Informatica Master Data Management Multidomain platform*.
Offensive and Defensive GDPR strategy
When it comes to the GDPR compliance journey, we have seen Organizations taking a defensive position and doing the pure minimum around privacy policies, contracts, and documentation.
But we have also seen a number of Organizations trying to take an offensive position, being in control of personal data for the sake of the business and using personal data respectfully to create new insights and new business models.
It is now obvious that there is no such thing as a minimum GDPR compliance. Organizations are either compliant with GDPR principles or they are not. The lawful basis for processing is either clearly defined and documented or personal data is being processed illegally.
They are either fulfilling data subject rights in a timely manner or they are in the risk of a lawsuit. Their marketing department is creating marketing campaigns using only data with proper consents or they are spamming their Customers and potential Customers. It has also become obvious that trust is the next big thing Organizations will have to compete for.
DPM enforces the maintenance of:
- Records of processing activities,
- Data retention policies execution,
- Timely fulfillment of data subject rights and
- Minimization of data breach risk.
Together with Informatica MDM, it provides much more than “minimum GDPR compliance”, it provides Organizations with a means to be more data-driven and Customer centric.
When using DPM MDM edition Organizations know exactly where personal data is stored and processed, who is responsible, what is the purpose of data processing, and most importantly, which data belongs to the same data subject.
The later demands a functional master data management system and it is why we have collaborated with Informatica Corporation and created an integrated product to cover GDPR processes and policies management, personal data management and integration with other systems.
* Informatica Master Data Management Multidomain platform includes MDM functionalities limited to data subject privacy management. However, the usage can be extended to full Customer or other domains (e.g. Product, Distributor) at any time.
Read about incident managment under the GDPR: https://dataprivacymanager.net/en/incident-management-under-gdpr/