SmartSimple Blog

19 SmartSimple Features To Ease Your GDPR Woes

Posted by Stirling Myles on Jun 21, 2018 8:00:00 AM

 

Photo by Samuel Zeller

 

As cloud computing has grown in recent years, so has the need to make sure your information is secure and isn’t falling into the wrong hands or being used for purposes you didn’t intend. We have 19 features to put your mind at ease and set you on your way to complete data control in your processes.

The General Data Protection Regulation (GDPR) deadline has come and gone, and it has changed everything about how data is processed and managed. Yet many organizations are still having a difficult time being confident that their processes are compliant.

According to the Crowd Research report, 60 percent of surveyed organizations were likely to miss the GDPR compliance deadline. While 80 percent of the surveyed organizations regard GDPR compliance as a top priority, only half said they are knowledgeable about the data privacy legislation or have deep expertise with regard to the regulation.



By design, our software is built, configured, and ready to meet the data transparency standards of GDPR.

Here are 19 features and functionalities out of the almost infinite configuration capabilities that are inherently GDPR-compliant within our system.

 

 

Photo by Ricardo Gomez

 

 

Security

Full Control

SmartSimple allows you to have full control of your security protocols. Whatever your internal policy is, we’ll match it.

Pseudonymisation

Our attribute-based access control (ABAC) lets you enable and define masks for any field in the system.

Encryption

Everything within SmartSimple is encrypted end-to-end.

Ensuring access is authorized

Take additional measures to protect your account, such as enabling multi-factor authentication (Google 2-factor; FIDO protocol), session timeout, URL encryption, and any number of our security settings.

Security report

Utilize SmartSimple’s security check feature, which highlights which areas of your system need review or improvement. Use this regularly to test, assess, and evaluate your security.

 

 

Photo by Joel Filipe

 

 

Data Subject Rights

Profiles (with profile image)

Using SmartSimple to implement procedures that facilitate the GDPR’s rights and principles will be smooth and uncomplicated, since both the GDPR and SmartSimple are organized around the data subject. SmartSimple stores the data subject’s information as a property of a person, rather than a property of a thing (a Universal Tracking Application, or UTA), making it easy to adjust and define the policies and procedures relating to the data subject.

Request tracker

SmartSimple can help you set up a UTA to track requests from your clients, such as access, rectification, erasure, etc., and help ensure that you turn these around within a month.

Right to access

The GDPR’s ‘Right to Access’ allows the data subject to request all information regarding their data. SmartSimple can fulfill this request automatically by enabling a button on a user’s profile that opens a PDF of all the relevant information.

Right to erasure

SmartSimple will allow you to completely erase a data subject’s profile, and erase this information from your logs. However, since deleting information might disrupt your reporting, SmartSimple will allow you to report on pseudonymised data that is not personally identifiable but is necessary for the report.

 

 

Photo by Luca Colapinto

 

 

Procedures & Compliance Checks

Storage Limitation

By establishing policies, and linking them to related fields, you can set the system to auto-delete information after a certain period of time.

Data minimization

SmartSimple was built with the principle of data minimization in mind. Since data subject information is stored to a profile, and not to a UTA, information only needs to be collected once.

Defining your Universal Tracking Application

Whether you’re tracking a grant, a case, or anything else, you must define the parameters of any Universal Tracking Application (UTA) that holds information on data subjects. SmartSimple can provide a form for you to input critical information about the UTA such as: which categories of personal data are being collected, why the personal data is being collected, how long the information will be held, etc.

Application template

SmartSimple is working on a template for a GDPR-compliant application form.

Other compliance checks

Use our templates, or create your own templates, to ensure you’re meeting every requirement. Some compliance checklist templates include consent, the lawfulness of processing, and accessibility.

 

 

Photo by Ricardo Gomez

 

 

Transparency

Audit trail

Change tracking within SmartSimple allows you to provide an audit trail for your processes.

Ad hoc reporting

Make use of SmartSimple’s advanced ad hoc reporting capabilities, and report on any field within the system. If you need to assess your consent processes, create a report on them. Keep in mind that, under the ABAC security protocol, when you share a report with someone who isn’t authorized to see the data, the sensitive data will be masked.

Records

SmartSimple can help you create records of all your processing activities, a major requirement of the legislation.

Working Together

Contracts

SmartSimple welcomes and encourages all processor contract amendments.

Best practices

SmartSimple is dedicated to developing best practices relating to the GDPR. For this, we need your help. If you’re interested in joining our GDPR working group, please contact us at marketing@smartsimple.com.

Learn more about how we can help you on your path to GDPR compliance. Visit us today.

Topics: Compliance, GDPR, SmartSimple Cloud platform