This is how you can meet the GDPR requirements across hundreds of applications with a single technology.
Let’s assume that your organization is on top of its game and has implemented the necessary requirements regarding “people” & “processes”, such as appointing a DPO, conducting a risk assessment, mapping your processes and systems.
Now you need a platform that will overlay your line of business applications to meet the regulation with minimal effort and no code-changes.
These requirements can be summarized into the following categories:
- Data flow mapping and monitoring
- Data Access controls & protection
Data flow mapping and monitoring
Articles such as “Records of Processing Activities”, “Right of Access”, “Notification of Data Breach” all share the same common denominator, which involves mapping and monitoring of personal data flows. The data flows that are being audited must have a high level of granularity, with detailed info on who accessed which customer personal data.
Data Access Controls
Articles related to “consent”, “Data minimisation” and “Right to be forgotten”, impose fine-grained access controls, filtering customer data proliferation based on customer consent and “forgotten” state.
SecuPi software platform (awarded Gartner Cool Vendor) applies ‘Right to be forgotten’, ‘Data Minimization’, ‘Consent’ and ‘Records of Processing Activities’ across hundreds of business applications with NO CODE-CHANGES and within days per application (e.g., CRM, financial systems, front-office, HR systems).
It is an overlay on application servers that discovers & maps subject data, monitors in real-time data-flows & processes while applying fine-grained access controls.
SecuPi main benefits:
- ONE centralized solution for all main GDPR articles as well as Insider-threat
- Agile configurable platform to meet privacy, compliance & audit requirements
- No source-code changes with fast & cost-efficient implementation
If you’d like to get more details on our unique solution, contact us at firstname.lastname@example.org.