As the compliance process continues, the Data Protection Officer faces specific challenges that are preventing the company from going forth with the envisioned data privacy model.
It becomes more and more apparent that there is a need for a clear understanding of data processing activities for each data subject across all company systems.
If you collect different sets of data from the same individual for different purposes, it can create different data sets for the same data subject in different systems. This causes you to have only a partial insight into what data is processed for that specific individual.
Lack of 360 overviews of personal data disables DPO from efficiently performing everyday tasks such as fulfilling the right-to-be-forgotten or Data Removal. It puts a company in a highly risky situation since some data can be unintentionally left undeleted in the systems.
Privacy 360 is a reporting module and a perfect solution for the Data Protection Officer’s challenges. It gives a DPO an overview of all data and locations where personal information is stored about the specific data subject.
Privacy 360 answers the questions: what data is collected, how the data is processed and where is data stored?
Data Privacy Manager uses unique Identifiers (IDs) from each IT system containing personal data. Having information about all IDs from different IT systems regarding one single data subject is of the essential value to every DPO. This enables DPOs to perform GDPR tasks with confidence, having the correct information about all data subjects’ data.
Based on input information a DPO can keep records of the master data subject with the help of recommendation engine, built-in data quality rules and, data merger engine.
Combining Privacy 360 with Privacy portal will give data subjects an insight into how their data are processed so they can have control over their data every step of the way.
Data Subject 360° Privacy
While Organizations have been busy collecting consents and putting together compliant Records of processing activities, the data removal remained overlooked, or maybe postponed? Most of the Organizations have by now documented data retention policies and have a good idea about how long they can keep the data. Data retention starts when one of the following scenarios happen: The initial purpose for data collection and processing has expired. Usually, a product or services contract with an individual has expired, an insurance policy has expired or individual stopped using a product or a service…