Compliance
Manage and view policies, ROPA and risks identified from one central location, helping you manage and evidence compliance.
Record of Processing Activities
The Record of Processing Activities (ROPA) is a requirement of most organisations, as defined in article 30 of the GDPR. Even if not required by law the ROPA forms the baseline for data protection compliance, allowing an organisation to evidence where personal data is used and identify data usage risk.
By establishing a small network of data champions within your organisation you can determine where data is processed. This allows your Data Protection Officer (DPO) or equivalent, to obtain a holistic view and demonstrate compliance.
- Activity Workflow
The ROPA can be updated through our Activity Workflow, allowing your Data Champions to update it through workshops, one to ones or lone assessments.
- Assisted Assessments
As information is added to the ROPA risks are identified and added to your risk log. Through screen tips and dynamic questions, ProvePrivacy provides user feedback throughout. Assisted assessments inform action plans and provide guidance on whether an activity should be referred to the DPO.
- Compliance Hotpots
Identify where your risks are at a glance and determine which department, supplier or activity requires further remediation. Use the systems recommendations to define next steps.
- Supplier Management
The data sharing assessment allows you to understand where personal data is shared with your suppliers. It enables you to assess the compliance of your contracts, demonstrate that your data remains secure and store supplier documentation alongside supplier assessments.
- Data Retention
The Data Management assessment allows you to identify where data is stored in your organisation both whilst it is ‘in use’ and ‘in retention’, informing your data retention periods and rationale.
- High Risk & DPIA
It is one thing having a Data Protection Impact Assessment (DPIA) template, but when do you need to complete it? Our high risk assessment uses the information that you have entered about an activity to highlight when a DPIA is needed, it then walks you through the process of assessing the risk.
Why use Prove Privacy to manage personal data and privacy risks?
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut et massa mi. Aliquam in hendrerit urna. Pellentesque sit amet sapien fringilla, mattis ligula consectetur, ultrices mauris. Maecenas vitae mattis tellus. Nullam quis imperdiet augue. Vestibulum auctor ornare leo, non suscipit magna interdum eu.
Risk Management
One clear advantage of ProvePrivacy is the ability to manage risks identified in different areas of the business. From data breaches to data subjects rights requests and the ROPA, all risks can be identified and logged.
The risk module is the central place for all risks allowing them to be assessed, graded and action plans put in place.
- Managing Risks
As it learns more about your organisation ProvePrivacy naturally identifies risks and allows you to manage them through our Risk Management module. By also adding your own risks as you identify them a single place to monitor your data protection risks is created.
- Action Planning
Each risk can hold its own mitigation plan which includes any number of actions. Action planning allows you to allocate individual actions to staff and monitor their completion, providing a single viewpoint of progress.
Policy Management
Our policy module allows each document owner to add policy, procedure or standard forms to ProvePrivacy. Any policy can be added for any department (these are not restricted to data protection policies) and once added will be assigned to the appropriate staff to be read.
ProvePrivacy maintains a record of who has read and understood each document, and provides annual reminders to the document owner is reminded to review and re-issue policies.
This demonstrates that colleagues understand policy at regular intervals.
- Manage Policies
Policy Management enables the management of all company policies (not just those relating to data protection). It provides evidence that all of the required staff have ‘read and understood’ the policies on an annual basis. In addition it ensures the document owners regularly review and update policies to keep them current.
- Policy Review Reminders
When adding and putting a document live the owner is asked to provide a document review date. This is then used to issue a reminder to ensure that all policies are regularly reviewed and remain in line with regulatory changes. Once reviewed all appropriate colleagues will need to re-read the revised policy.
E-Learning
The knowledgezone is the e-learning module provided within ProvePrivacy. Training includes a Data Protection and Security Awareness course, tutorials on how to use ProvePrivacy and topics such as the importance of breach reporting.
- Tutorial Videos
Tutorial videos are available to all individuals within an organisation and provide short introductions to different topics such as system usage and data protection topics.
- Staff Awareness
The Online Training module enables you to demonstrate that staff have completed data protection & security awareness training. This provides staff with CPD for their development records.
- Additional Courses
We are always adding additional courses provided by our sister company knowledgezone. Other courses such as Health & Safety in the Office and Modern Slavery Awareness are available at an additional cost.
- Custom Courses
If you have video course material of your own these can be added to ProvePrivacy. This will enable you to use the evidencing reporting in ProvePrivacy to show that your own courses have been completed by colleagues.
Testimonials
What our clients say
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut et massa mi. Aliquam in hendrerit urna. Pellentesque sit amet sapien fringilla, mattis ligula consectetur, ultrices mauris. 
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut et massa mi. Aliquam in hendrerit urna. Pellentesque sit amet sapien fringilla, mattis ligula consectetur, ultrices mauris.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut et massa mi. Aliquam in hendrerit urna. Pellentesque sit amet sapien fringilla, mattis ligula consectetur, ultrices mauris.
