GDPR COMPLIANCE SOLUTION
Support for all GDPR Aspects
As of May 25, 2018, European General Data Protection Regulation (GDPR) enforcement will be in effect. With the enhanced data privacy regulations, companies using personal data of European residents will have to adhere to and add another layer to the already complex data protection processes in place. Non-compliance may result in fines up to 4% of the annual turnover or 20.000.000 Euro, whichever is greater.
The Nasdaq GDPR Compliance solution allows organizations to have:
- One holistic view - Nasdaq BWise is the umbrella solution where all the information on personal data usage in your information systems is gathered. This allows for consolidated reporting and ensures all alerts and follow ups are visible in one system.
- Maximum control - Data Protection Impact Assessments on assets and projects gives full insight into the risks, rights and freedom of data under GDPR regulation. By collecting data from all assets and projects in the same manner through robust workflow and monitoring capabilities, potential personal data breaches are minimized.
- Streamlined compliance - Combining the status of personal data to a company’s data privacy (GDPR) policy and the evidence of consent and access requests gives you the ability to gain insight into the status of your GDPR compliancy.
- The power to keep up with business changes - The configurability of the Nasdaq BWise solutions allows you to adequately take into account any changes in your IT organization or the GDPR laws. New assets or projects can be easily investigated on their GDPR compliance by performing the Data Protection Impact Assessment.
Support for all GDPR Aspects
Nasdaq BWise supports organizations to map the landscape of where personal data is processed within your organization’s IT environment to enable consolidated reporting and compliance.
Benefits of the GDPR Compliance Solution
- Efficiently collect, access, transfer or share data assets and safeguard data privacy and data protection.
- Integrate with external CMDBs, allowing for a single point of access, lower total cost of ownership (TCO) and reduced efforts in regards to data maintenance.
- Indicate the privacy risk level in the organization, based on a predefined set of questions involving answers on the use, disclosure, purpose and evaluation of personal data resulting in a high, medium or low risk level allocation.
- Determine for new assets or projects in the company with a Data Protection Impact Assessment (DPIA) if compliance with ‘privacy by design’ and ‘privacy by default’ is met.
- Establish what the risk of a personal data breach is for the organization and determines risk acceptance or risk treatment.
- Determine which set of baseline requirements are already implemented or planned and where additional requirements need to be implemented to accept the residual risk of personal data breaches.
- Powerful workflows to ensure that policies to comply with GDPR are developed, approved, applied and improved consistently according to the defined process.
- Integrated Data Feed Management to allow integrations with CMDBs, regulators to supervise changes to GDPR and assets to monitor the level of compliance continuously.
- Allows for recording and notification of any incident to all relevant internal stakeholders within the threshold of 72 hours.
- Predefined reports and dashboards that provide different analyses of the GDPR status, including a statement of GDPR compliancy to demonstrate compliance to the supervising authority.
- Consolidated view on compliance data for easy tracking and monitoring of GDPR compliancy and related prioritized activities and actions.