The General Data Protection Regulation becomes law on 25 May 2018. Fortunately, ITMAGINATION is prepared! Take a closer look at our response to the new legislation.
As we mentioned in our previous blog post, The GDPR (General Data Protection Regulation) introduces significant changes that apply to businesses that process individual data. The Personal Data Protection (PDP) System is ITMAGINATION's response to the new requirements. Our previous blog post in this series introduced the three key elements of the system, and now it’s time for a closer look at what makes each of them tick.
Let’s start with the Personal Data Protection: Management (PDP.M) Personal Data Management Module. This is the primary PDP facility. It guarantees compliance with GDPR requirements, and its main objective is cohesive and effective management of the registry that contains the personal data of customers, partners, and employees as well as the handling of all associated events. Mechanisms for data access control implemented together with system functions prevent the unauthorized editing or deleting of data.
Next up is the Personal Data Protection: Exploring (PDP.E) Personal Data Exploration Module. It constitutes an optional expansion of the personal data security management function and is dedicated to institutions where there is a risk that personal data may have been copied and stored in different systems within the company during an extensive period of cooperation with a customer or partner. In the event of an “I want to be forgotten” request by a customer, partner, or employee, every company is obligated to delete or render anonymous all personal data associated with the natural person within all the company’s systems and sites.
The PDP.E Module releases controllers from the laborious task of searching for personal data across multiple systems. It includes a fully-contextual and semantic data search mechanism and it comes with an API which allows the mechanism to be integrated into future applications or systems. It guarantees fast search results based on an index tree updated on an ongoing basis, and through the integrated OCR (charter recognition technology), the PDP.E module can handle saved images, verifying whether they contain personal data elements such as scans of personal IDs. The use of Machine Learning algorithms to identify the types of documents attached to correspondence makes it possible to automatically choose the text layout template and interpret the data in each document. This significantly improves search quality and effectiveness.
Last but not least, we come to the Personal Data Protection: Anonymization (PDP.A) Data Anonymization Module. The PDP.A Module delivers a series of interfaces that fully automate the process of rendering anonymous all data in the company’s systems. This facilitates the quick integration of the Personal Data Management System (PDP.M) with the company’s applications by using several connectors and adapters. This means that rendering personal data anonymous is a central, fully automated operation that is activated directly from the PDP.M module console without the need to log in to transaction systems or browse and modify data separately in each system.
We hope you’ve enjoyed this in-depth look at our response to the new challenges posed by the GDPR regulations, and our experts are available to sit down with you for a quick consultation at any time you find suitable.