Making the management and handling of data breaches, data subject requests and information requests easier to manage and assign.
Data Breach Management
The data breach management module allows any ProvePrivacy user to raise an incident relating to a suspected data breach. Once raised ProvePrivacy will notify the DPO of the breach and allow them to establish an investigation team.
ProvePrivacy guides the team through the circumstances and the consequences of the incident allowing them to build the supervisor breach report. All incidents are logged so that your organisation can demonstrate both reported breaches and near misses.
The incident reporting process is simple, with obstacles to logging removed you learn of them faster. Once an incident is logged your lead investigator can manage the breach step by step, including reporting to the supervisory authority or, other interested parties.
If a breach is reportable, ProvePrivacy will generate the supervisor breach report so that it can be emailed to the relevant regulatory authority. This means that that there is no need to re-enter information already collected by ProvePrivacy.
Data Subject Rights Management
The data subject rights management module allows any ProvePrivacy user to raise an incident relating to a data subjects request including a data subject access request (DSAR), right to be forgotten, and all other data subjects rights.
By building each of the UK exemptions in to ProvePrivacy, your investigators can easily identify if they can be applied to a specific incident, potentially reducing the effort required.
The Data Subject Rights module allows you to manage requests from data subjects such as a data subject access request (DSAR) or the ‘right to be forgotten’. As well as managing the process, ProvePrivacy maintains a log of requests so that you can demonstrate compliance.
There are a large number of complex exemptions available when dealing with data subjects rights, and not all can be applied to all requests. ProvePrivacy only allows the relevant exemptions to be selected and recorded, meaning your investigation teams can focus on responding to relevant parts of the request.
Information Request Management
The Information Request module allows a request for information to be recorded. Typically this would be a request for non-personal information such as a Freedom of Information Request, Environment Information Regulations request or a request from other bodies.
ProvePrivacy informs the appropriate teams that a request has been raised, notifies them of the progress of the request and when further actions are required.
The incident reporting process is simple meaning there are fewer obstacles to logging an incident and that you learn of them faster. Once an incident is logged your lead investigator can manage the breach step by step. Information is collected throughout the process allowing for management information to be produced at a later date.
Like all of the ProvePrivacy modules, there is the ability to add associated risks to an incident. This allows the incident and the associated risk to be managed separately.