As the compliance process continues, the Data Protection Officer faces specific challenges that are preventing the company from going forth with the envisioned data privacy model.
It becomes more and more apparent that there is a need for a clear understanding of data processing activities for each data subject across all company systems.
If you collect different sets of data from the same individual for different purposes, it can create different data sets for the same data subject in different systems. This causes you to have only a partial insight into what data is processed for that specific individual.
Lack of 360 overviews of personal data disables DPO from efficiently performing everyday tasks such as fulfilling the right-to-be-forgotten or Data Removal. It puts a company in a highly risky situation since some data can be unintentionally left undeleted in the systems.
Privacy 360 is a reporting module and a perfect solution for the Data Protection Officer’s challenges. It gives a DPO an overview of all data and locations where personal information is stored about the specific data subject.
Privacy 360 answers the questions: what data is collected, how the data is processed and where is data stored?
Data Privacy Manager uses unique Identifiers (IDs) from each IT system containing personal data. Having information about all IDs from different IT systems regarding one single data subject is of the essential value to every DPO. This enables DPOs to perform GDPR tasks with confidence, having the correct information about all data subjects’ data.
Based on input information a DPO can keep records of the master data subject with the help of recommendation engine, built-in data quality rules and, data merger engine.
Combining Privacy 360 with Privacy portal will give data subjects an insight into how their data are processed so they can have control over their data every step of the way.
Data Subject 360° Privacy
Business Process
(Original Purposes)
Data Retention
(Purpose change)
No Purpose
Business Process
(Original Purposes)
Data Retention
(Purpose change)
No Purpose
While Organizations have been busy collecting consents and putting together compliant Records of processing activities, the data removal remained overlooked, or maybe postponed? Most of the Organizations have by now documented data retention policies and have a good idea about how long they can keep the data. Data retention starts when one of the following scenarios happen: The initial purpose for data collection and processing has expired. Usually, a product or services contract with an individual has expired, an insurance policy has expired or individual stopped using a product or a service…
What do you have to take into account when managing privacy risks? Can you really avoid all risks? Might there
General Data Protection Regulation (GDPR) requires that Organizations processing personal data (Data Controllers and Data Processors) maintain a register of
Data processing inventory is in the heart of every privacy program because it all starts with understanding and recording personal
Data processing inventory is in the heart of every privacy program because it all starts with understanding and recording personal
Communicate with your contacts in a GDPR compliant way The application of the GDPR principles in modern digital and direct marketing has
Privacy programs are yet to be established in many organizations and require further encouragement from the management. We shared 5 basic
Services
Resources
Latest blog posts
Latest blog posts