The General Data Protection Regulation becomes law on 25 May 2018. Fortunately, ITMAGINATION is prepared! Have a look at our response to the new legislation.
As we mentioned in our previous blog post, The GDPR (General Data Protection Regulation) introduces significant changes that apply to businesses that process individual data. After 25 May 2018, individual customers and supervisory bodies will have additional authority with respect to companies that process personal data. This will also include the option to charge financial penalties for infringing on GDPR provisions – penalties that are many times higher than those currently imposed by the European Data Protection Supervisor (EDPS). Those penalties may amount to as much as €20 million or 4% of the global revenue of the given company for the previous year, whichever is higher.
The Personal Data Protection System (PDP) is ITMAGINATION's response to the new requirements. Our solution:
- Systematizes the handling of processes associated with the new obligations imposed by GDPR
- Minimizes the associated financial and time burdens
- Automates communication with EDPS (the supervisory body)
- Minimizes the risk of financial sanctions
Most businesses keep multiple files for the details of customers and partners. A dynamic expansion of business requirements, time pressure, and the impossibility of implementing changes to core production systems have led to a rise in the number of IT systems and the duplication of personal data records in various locations. New GDPR requirements obligate businesses to maintain comprehensive personal data and customer consent records, to notify a Supervisory Body as well as customers of personal data breaches, and to react quickly to customer requests which might, inter alia, pertain to the removal of their data from the company's registers.
ITMAGINATION's PDP system facilitates comprehensive personal data management by:
- Maintaining a personal data registry in a dedicated repository
- Maintaining a record of all customer consents, requests, and objections
- Notifying a supervisory body of personal data breaches
- Performing fully-contextual searches of customer data saved directly in all systems installed within a company, eliminating the need for manual browsing through multiple files, databases, and e-mail accounts
- Rendering all personal data effectively and automatically anonymous in all systems used by the company
In our next post, we’ll dig deeper into each PDP module to give you an inside look at what makes the system tick. We’re confident that the modular nature of our solutions makes them suitable for both small businesses and large organizations with complex IT architecture. For more information and to download a comprehensive e-book on this topic, please visit https://www.itmagination.com/en/gdpr.