GDPR is an acronym that has been top of mind for of privacy officers, CIOs, and even marketers across the EU since the early months of 2018. Now that it’s been a few years since the regulation went into effect, organizations should have a handle on what type of data is impacted and how to handle compliance. The ongoing challenge is tracking and documenting the steps required for GDPR compliance as a business evolves over time.
While numerous one-off templates to create GDPR reports based on a moment in time are available, Altova has created the first long-term solution for documenting and tracking the entire GDPR compliance management process.
Let’s take a look at what GDPR compliance entails and how the Altova GDPR Compliance Database makes managing it organized and straightforward.
What is GDPR?
The General Data Protection Regulation (GDPR) is a set of privacy and data protection rules that apply to organizations that process personal data of people residing in the European Union and European Economic Area. The goal of GDPR is to give individuals more control over their personal data and at the same time simplify the regulatory environment for international businesses.
Starting May 25, 2018, all organizations doing business in the EU or with EU customers became subject to the regulation. Compliance with GDPR rules means that personal data is collected under strict conditions and also require that organizations that collect this data protect it over the long term from misuse and exploitation.
Data protection measures are required to be built into the design of business processes that collect personal data. If a data breach occurs that compromises the privacy of one or more people, it must be reported to the supervisory authority. As such, companies need to ensure that the appropriate technical and organizational measures are in place to protect data, and they must document all storage and processing activities. They also must have the ability produce reports on such measures when they are requested.
This presents a significant challenge to organizations that have multiple departments handling personal data, outside contractors with access to data, various stake holders with different levels of involvement, and no existing tools for documenting the access and processes.
As a high-tech company doing business in the EU and around the world, Altova faced these challenges as well. Finding no suitable GDPR tracking tools for documenting compliance, we created an easy-to-use, web-based interface that’s both comprehensive and secure.
GDPR Tracking & Compliance Tool
The Altova GDPR Compliance Database is an internal solution that allows organizations to create and maintain an ongoing record of personal data stores to ensure that the processing of personal data is handled in line with the principles of the GDPR. This tool makes it easy for companies to organize information about their repositories of personal data in a straight-forward, structured way.
Once you install the GDPR Compliance Database in your IT infrastructure, authorized users may access it in a web browser. Stakeholders enter all the required information about the data applications, also known as “processing activities” in GDPR parlance, and the data categories used in your organization – both for internal tracking and documentation purposes and to generate reports when required.
The GDPR Compliance Database include built-in discussion and approval mechanisms, as well as detailed change-tracking that helps users understand the reason for, and the impact of, every update.
Unlike other one-off or word-processor-based GDPR tools, the Altova GDPR Compliance Database is designed to provide a comprehensive solution for tracking management of personal data to help ensure compliance as a business evolves over the short and long term.
Advantages of this solution include:
- Centralized, organized documentation of all required information about data applications and the data categories, as required by GDPR
- Data stays in-house because the solution is installed within your IT infrastructure
- A secure, web-based interface makes it easy for permitted users to access and understand
- Support for multiple users collaborating in the solution simultaneously
- Built-in approvals process and discussion mechanisms ensure accuracy of entered information and provide long-term documentation
- Change tracking provides a record of updates over time to facilitate long-term maintenance of your documentation
- Auto-generation of reports on data categories and other views in PDF or Word
See how to track GDPR compliance in the video below.
Creating GDPR Reports
At any time, you can auto-generate a GDPR compliance report in PDF or Word on all processing activities, or a list of processing activities that you have classified as critical. You may also create a report on the current state of category approvals in the system.
Powered by MobileTogether
We created the GDPR Compliance Database using the powerful enterprise app development tools in MobileTogether. When you install the GDPR Compliance Database, you get access to the solution as well as the high-performance MobileTogether Server, which you can choose to install on premises or in the cloud.
This has two advantages: the solution may be accessed by anyone permitted in your organization via a simple URL, and, if required, you can modify the solution to meet your organization’s needs using the free MobileTogether Designer.
Get Started Now with a Free Trial
The Altova GDPR Compliance Database files are provided free under the Apache 2.0 license. Operation of the solution requires a license for MobileTogether Server, which you can obtain for a free 30-day trial or purchase via the Altova Online Shop.