Effective May 25, 2018, the EU General Data Protection Regulation requires companies to comply with enhanced data privacy requirements related to the processing of personal data of EU citizens.
Commugen’s GDPR 365 is a holistic solution that helps organizations and DPOs manage (i.e. define, execute, document, monitor and improve) the data protection processes required under GDPR.
Management and actions are done visually via a set of predefined dashboards and reports that provide varied views into GDPR compliance status.
What are GDPR 365 building blocks?
- Regulation Mapping: Recognize the Landscape. Map GDPR articles and recitals to main themes, e.g. Data Subject’s Right, Privacy by Design, Lawfulness of Processing, Breach Notification and Legitimate Interests.
- Policy Compliance Management: Set Controls & Tasks. Establish recommended and optional controls for each GDPR theme. Set tasks and responsibilities for those controls, and monitor execution.
- System Mapping: Map Systems & Associated Data Risks. Set privacy risk level for all systems and processes. Thoroughly analyze sensitive systems, and monitor exposure.
- Action Management: Respond to data subjects’ requests and manage breach events.
- DPIA – Data Protection Impact Assessment: Set privacy risk level for all systems and processes. Thoroughly analyze sensitive systems, and monitor exposure.
Commugen’s GDPR 365 foundations:
Why GDPR 365?
Commugen’s GDPR 365 manages all aspects of the DPO’s responsibilities. This allows for a unified view of GDPR activities and provides insight into organizational compliance.
Adapt to business changes and new GDPR insights
Commugen’s GDPR 365 technology allows easy tailoring to the specific conditions of your organization. Once running, it will easily adapt to changing Legal and IT needs, and to the evolution and changes in the understanding of GDPR.
Privacy policies and controls ensure that the organization complies with GDPR (e.g. Lawfulness of Processing). These can be developed, approved, applied and improved continuously. Each control and policy is assigned to a department or a pre-defined group within it, to ensure compliance.
System & Process Mapping & Monitoring
Commugen’s system and process mapping is an IT Asset Management tool. It holds asset information and records of processing of personal data by that asset. It can also present related information from other systems regarding the collection, access, transfer and sharing of data by the asset.
Commugen’s GDPR 365 Action Management manages all aspects of incidents – i.e. data subjects’ requests and breach events. Action Management manages customer requests with pre-defined tasks that enable response within the allotted time frame under GDPR. It also includes the management of notification to all relevant stakeholders and monitoring of SLAs in a breach event. Added to that is a breach event exercise sub-module, to help organizations be prepared.
Data Protection Impact Assessment (DPIA)
DPIA estimates the inherent risk of a data breach in a system or a process, based on a predefined set of questions on the nature, use, disclosure and purpose of personal data. It then estimates the residual risk based on existing controls. The DPIA results determine a possible risk mitigation plan.
“Commugen’s Middle Office solution enables the locating, collecting, analyzing and processing of the bank’s FOREX transaction information. It demonstrates a deep understanding of the bank’s needs”
“Commugen service is efficient and professional. The generator they developed is very efficient, easy to use, and requires almost no professional skill to operate. The user interface is friendly and meets human engineering criteria.”
“Commugen’s solutions are used throughout Meitav-Dash for compliance and risk management. The solutions excel in the agility of adapting to our needs, and have a very friendly user interface.”
“Commugen’s Policy Management solution is used to create a new and intuitive order. It makes policy information easily accessible, and enhances coordination and collaboration among employees and organizational units.”
“Cutting edge technology, easy to adapt and implement, and a professional team with a great service.”