The biggest change in Data Privacy regulation in 20 years went live on 25 May 2018. The General Data Protection Regulation gives every EU citizen rights to control the way their personal data is processed and places an obligation on every organisation to process data fairly, transparently and to demonstrate their compliance.
The process of becoming compliant can be difficult and hard to implement, with an entire industry of consultants and paid-for templates on-hand to help – at a price. The ComplianceVault puts you in control and simplifies the process of achieving, maintaining and demonstrating compliance
A Complete Solution
The ComplianceVault is based around a simple process of understanding, defining and documenting the way that an organisation processes personal information.
By creating a ‘single version of the truth’ the Vault creates the ideal place to store, share and review both the processes and the documentation.
The guided, 9 step process enables you to break down the tasks into simple, manageable chunks:
- Understand your obligation
- Understand where you are on the journey
- Work through the process in a simple environment
- Record and demonstrate your compliance
How does it work?
Based on self-assessment exercises, templates and easy to follow steps the online tool enables you to identify:
- Where in your business you process personal – and for what purpose
- The systems that are involved in data processing
- Where personal data is stored
- The security measures in place
- Risks and controls already in place
This self-assessment and data mapping process provides the foundation for creating the necessary documentation.
Once complete you have a ‘single version of the truth’ where all team members can be sure that they are viewing the latest information.
Subject Access Request processing and Data Breach reporting can all be managed within the Vault. Following on from the self-assessment and data-mapping, creating your own policies and documentation is straightforward (with templates and advice available if required).
Scheduling and recording ongoing reviews enables you to evidence your continued compliance and to meet your obligations under the Principle of Accountability (a central tenet of the new regulation).