Photo by Samuel Zeller
As cloud computing has increased in recent years, so has the need to make sure your information is secure and isn’t just floating into the wrong hands and used for reasons you don’t want it to. We have 19 features to put your stress at ease and on your way to complete data control in your processes.
-1.png)
The General Data Protection Regulation Regulation (GDPR) deadline has come and gone, and it’s changed everything in how data is processed and managed. Yet, there are many organizations who are having a difficult time being confident their processes are compliant.
Based on the Crowd Research report, 60 percent of surveyed organizations were likely to miss the GDPR compliance deadline. While 80% of the surveyed organizations regard GDPR compliance as a top priority, only half said they are knowledgeable about the data privacy legislation or have deep expertise with regard to the regulation.
By design, our software has been ready and built and configured to meet the data transparency standards of GDPR.
Here are 19 features and functionalities out of the almost infinite configuration capabilities that are inherently GDPR-compliant within our system.
Photo by Ricardo Gomez
Security
Full Control
SmartSimple allows you to have full control of your security protocols. Whatever your internal policy is, we’ll match it.
Pseudonymisation
Our attribute-based access control (ABAC) lets you enable and define masks for any field in the system.
Encryption
Everything within SmartSimple is encrypted end-to-end.
Ensuring access is authorized
Take additional measures to protect your account such as enabling multi-factor authentication (Google 2-factor; FIDO protocol); session timeout; URL encryption; and any number of our security settings.
Security report
Utilize SmartSimple’s security check feature, which highlights which areas of your system need review or improvement. Use this regularly to test, assess, and evaluate your security.
Photo by Joel Filipe
Data Subject Rights
Profiles (with profile image)
Using SmartSimple to implement procedures that facilitate the GDPR’s rights and principles will be smooth and incomplex since both the GDPR and SmartSimple are organized around the data subject. SmartSimple stores the data subject’s information as a property of a person, rather than a property of a thing (UTA), making it easy to adjust and define the policies and procedures relating to the data subject.
Request tracker
SmartSimple can help you set up a UTA to track requests by your clients such as access, rectification, erasure, etc., and help ensure that you turn these over within a month.
Right to access
The GDPR’s ‘Right to Access’ allows the data subject to request all information regarding their data. SmartSimple can fulfill this request automatically by enabling a button on a user’s profile that opens a PDF of all the relevant information.
Right to erasure
SmartSimple will allow you to completely erase a data subject’s profile, and erase this information from your logs. However, since deleting information might disrupt your reporting, SmartSimple will allow you to report on pseudonymised data that is personally unidentifiable, but necessary for the report.
Photo by Luca Colapinto
Procedures & Compliance Checks
Storage Limitation
By establishing policies, and linking them to related fields, you can set the system to auto-delete information after a certain period of time.
Data minimization
SmartSimple was built with the principle of data minimization in mind. Since data subject information is stored to a profile, and not to a UTA, information only needs to be collected once.
Defining your Universal Tracking Application
Whether you’re tracking a grant, a case, or anything else, you must define the parameters of any Universal Tracking Application (UTA) that holds information on data subjects. SmartSimple can provide a form for you to input critical information about the UTA such as: which categories of personal data are being collected, why the personal data is being collected, how long the information will be held, etc.
Application template
SmartSimple is working on a template for a GDPR-compliant application form.
Other compliance checks
Use our templates, or create your own templates, to ensure you’re meeting every requirement. Some compliance checklist templates include consent, the lawfulness of processing, and accessibility.
Photo by Ricardo Gomez
Transparency
Audit trail
Track changes within SmartSimple allow you to provide an audit trail for your processes.
Ad hoc reporting
Make use of SmartSimple’s advanced ad hoc reporting capabilities, and report on any field within the system. If you need to assess your consent processes, create a report on it. Keep in mind, under the ABAC security protocol, when you share a report with someone who isn’t authorized to see the data- the sensitive data will be masked.
Records
SmartSimple can help you create records of all your processing activities- a major requirement from the legislation.
Working Together
Contracts
SmartSimple welcomes and encourages all processor contract amendments.
Best practices
SmartSimple is dedicated to developing best practices relating to the GDPR. For this, we need your help. If you’re interested in joining our GDPR working group, please contact us at marketing@smartsimple.com
