The General Data Protection Regulation (GPDR) comes into force May 28th 2018 and is an advancement and improvement to the 1998 Data Protection Act.
It is a single set of rules that apply to all EU member states.
GDPR introduces a number of elements that require companies to be able to demonstrate appropriate customer and employee data management. This means:
With the deadline for GDPR fast approaching, a common problem voiced by many large organisations is that of being able to capture and interrogate all the information in one place in a way that it will be easy to report, both internally and to the regulator.
The same issue also seems to be impacting the ability of many to clearly understand the gap to compliance as well as the timescales and remaining resources and costs required to achieve it. PRIMED helps address these issues.
End-to-end oversight across company-wide processes, assets and suppliers and their compliance to GDPR’s Articles.
Cost and Key Performance Indictors (KPIs) from the perspective of the Chief Data Officer (CDO)
Single holistic view across all stakeholders.
Owner-specific views of the data associated to their sphere of accountability or responsibility.
Pivot across GDPR criteria against accountability owner, asset, process, supplier or contract.
Processes, assets and suppliers can be collectively or individually viewed for their status against specific GDPR criteria.
Certificates of relevance and compliance can be tagged and validated to assets, processes suppliers or contracts.
Remediation Plans (with owners) can be attributed and managed directly.
Breach Management processes can be created in advance of specific incidents.
Breach incident tickets can be raised and tracked through the relevant breach management process(es).
Risks can be raised and managed by type, severity and association.
Specific processes such as “Right to be Forgotten”, “72 Significant breach notification” or new process creation can be established, managed and reviewed within the audit-able framework.