Altova GDPR Compliance Database

About Altova GDPR Compliance Database

Home Prev Top Next

The General Data Protection Regulation (GDPR) is a regulation in EU law that protects the data and privacy of persons living in the EU and European Economic Area (EEA). It became binding beginning 25 May 2018. Businesses that process personal data of people living in the EU and EEA must now ensure that this data is handled in line with the principles of the GDPR and that this data is protected. Data protection measures are required to be built into the design of business processes that collect personal data. If a data breach occurs and the breach compromises the privacy of a person, then the breach must be reported to the supervisory authority. (For more information about the GDPR, see the EU web page on GDPR and Wikipedia).

 

In order to make sure that all the personal data of EU/EEA residents held by your organization is in compliance with GDPR, you should build and continuously track all repositories of personal data that you maintain. The Altova GDPR Compliance Database enables you to quickly organize information about your repositories of personal data in a structured way.

 

The Altova GDPR Compliance Database enables you to do the following:

 

Quickly configure departments and people in your organization that are involved in the collection and processing of personal data

Quickly configure details of external entities that process personal data your organization collects

Quickly create a list of all repositories in your organization where personal data is stored

Set up criteria for classifying data (such as sensitivity, source, protection level), and assign a set of appropriate values for each classification. For example, a data classification might be named Storage duration and be defined to have one of the following values: 1 year, 2 years , 3 years , 5 years , 7 years

Define data categories. In a given data category, the data classifications you have created are each assigned a value (from among their respective allowed values). For example, if you define a data category named Billing Address, then this category could have the following classification values: (i) Type of data = personal data; (ii) Encryption = none; (iii) Storage duration = 7 years

List and define all the data-processing activities that are used by your organization, including applications used by external agents that are tasked with processing data for your organization (for example, an external organization that sends promotional emails to your customers)

Automatically link information that is entered in one part of the compliance database so that this information is reused in related parts of the database; this provides efficiency and accuracy while entering information in the database, as well as a better overview of information

Enable distributed use of a central system (the compliance database) by multiple users

Enable users of the compliance database to independently modify the structure of the system, subject to an approval process that is built into the system

Track changes to the structure and other aspects of the system

Quickly generate different kinds of reports, which will be based on the information currently held in the compliance database

Start discussions about different items of the compliance database, and invite specific users to join the discussion; discussion threads can be read directly in the system and in the context of the discussed item

An internal correspondence system between users of the system, in which metadata items are directly linked to discussion threads about the respective item

Discussion participants are notified by email about new messages in the discussion

 

Demo video

To see a demo video that explains how the Altova GDPR Compliance Database works, go to this URL at the Altova website.

 

This documentation

This documentation is organized into the following sections:

 

User Management shows how to configure system users and system settings via the User Management app

General Information about the Compliance Database describes how to set up the compliance database, terms used in the compliance database, and how to navigate the compliance database  

GDPR Metadata explains how to enter information about your data collection processes into the compliance database

Approvals explains the process of approving changes made to the metadata structure of the compliance database

Discussions describes a feature that enables questions and suggestions about individual metadata items to be discussed internally, within the compliance database system

Reports documents how to generate different types of reports from the information held in the compliance database

Additional Features describes features that provide additional functionality, such as search filters on pages, and context-sensitive listings of changes to metadata

 

© 2020 Altova GmbH