ProvePrivacy is here to help you to simplify the process of managing your data compliance. We start by identifying the activities which take place in your organisation which use personal data, This builds your record of processing activities, which is a requirement for most companies under GDPR.
The record of processing activities then becomes the central focal point for managing all of your data risk, helping you to identify and manage risk, ensure that your suppliers relationships are compliant, understand your data retention as well as manage the rights of the data subject. However, it does not stop there, as more features increase assurance.
The record of processing activities (ROPA) can be updated through our Activity Workflow, allowing your Data Champions to update in a natural way, through workshops, one to ones or lone assessments.
Risks are assessed as information is added, providing feedback throughout. Our assisted assessments drive action plans and provide guidance on whether an activity should be referred to the DPO.
Identify where your risks are at a glance, identify which department, supplier or activity requires further remediation and receive recommendations for next steps.
The Supplier Management module allows you to understand your suppliers, assess the compliance of your contracts, demonstrate that your data remains secure and even store supplier documentation online.
The Data Management module allows you to identify where data is stored in your organisation both whilst it is ‘in use’ and ‘in retention’ and allows you to set your data retention periods and rationale.
High Risk & DPIA
It is one thing having a Data Protection Impact Assessment (DPIA) template, but when do you need to complete it. Our high risk assessment uses the information that you have entered about an activity to highlight when a DPIA is needed and it then walks you through the process of assessing the risk.
Breach Management *
ProvePrivacy’s easy reporting tools keep the reporting process simple so you can be assured there are fewer obstacles to logging an incident. Once an incident is logged your lead investigator can manage the breach step by step, including reporting to the supervisory authority or other interested parties.
Policy Management *
Policy Management enables the management of all company policies (not just data protection). It provides evidence that all of the required staff have ‘read and understood’ the policies on an annual basis. In addition it ensures the document owners regularly review and update policies to keep them current.
Data Subjects Rights *
The Data Subject Rights module allows you to manage requests from data subjects such as a data subject access request (DSAR) or the ‘right to be forgotten’. As well as managing the process ProvePrivacy maintains a log of requests so that your can demonstrate compliance.
When reporting a breach the Information Commissioner asks if staff have been trained. The Online Training module enables you to demonstrate that staff have completed awareness training, providing staff with a CPD certificate for their development records. Training is provided by knowledgezone.co.uk).
ProvePrivacy naturally identifies risks and allows you to manage them through our Risk Management module as it learns more about your organisation. You can add your own risks as you identify them providing a single place to monitor your data protection risks.
As you identify concerns you can add them to your Risk Management module. Action planning allows you to allocate individual actions to staff and monitor their completion, providing a single viewpoint of progress.
Reporting covers risk management, action planning, staff awareness, policy completion, breach reporting and data subject rights. Plus, if there are any additional reports you require we will develop them for you and add them…just add a Feature Request.
Advice & Support
ProvePrivacy is supported by our partner network of data protection professionals, cyber security experts and consultant DPOs. If you are struggling to determine the best course of action, a simple help request and we can provide the advice and support you need.
* Module will be available as part of phase two, see our roadmap for more details.