19 SmartSimple Features To Ease Your GDPR Woes
As cloud computing has increased in recent years, so has the need to make sure your information is secure and isn’t just floating into the wrong hands and used for reasons you don’t want it to. We have 19 features to put your stress at ease and on your way to complete data control in your processes.
The General Data Protection Regulation Regulation (GDPR) deadline has come and gone, and it’s changed everything in how data is processed and managed. Yet, there are many organizations who are having a difficult time being confident their processes are compliant.
Based on the Crowd Research report, 60 percent of surveyed organizations were likely to miss the GDPR compliance deadline. While 80% of the surveyed organizations regard GDPR compliance as a top priority, only half said they are knowledgeable about the data privacy legislation or have deep expertise with regard to the regulation.
SmartSimple allows you to have full control of your security protocols. Whatever your internal policy is, we’ll match it.
Our attribute-based access control (ABAC) lets you enable and define masks for any field in the system.
Everything within SmartSimple is encrypted end-to-end.
Ensuring access is authorized
Take additional measures to protect your account such as enabling multi-factor authentication (Google 2-factor; FIDO protocol); session timeout; URL encryption; and any number of our security settings.
Utilize SmartSimple’s security check feature, which highlights which areas of your system need review or improvement. Use this regularly to test, assess, and evaluate your security.
Data Subject Rights
Profiles (with profile image)
Using SmartSimple to implement procedures that facilitate the GDPR’s rights and principles will be smooth and incomplex since both the GDPR and SmartSimple are organized around the data subject. SmartSimple stores the data subject’s information as a property of a person, rather than a property of a thing (UTA), making it easy to adjust and define the policies and procedures relating to the data subject.
SmartSimple can help you set up a UTA to track requests by your clients such as access, rectification, erasure, etc., and help ensure that you turn these over within a month.
Right to access
The GDPR’s ‘Right to Access’ allows the data subject to request all information regarding their data. SmartSimple can fulfill this request automatically by enabling a button on a user’s profile that opens a PDF of all the relevant information.
Right to erasure
SmartSimple will allow you to completely erase a data subject’s profile, and erase this information from your logs. However, since deleting information might disrupt your reporting, SmartSimple will allow you to report on pseudonymised data that is personally unidentifiable, but necessary for the report.
Procedures & Compliance Checks
By establishing policies, and linking them to related fields, you can set the system to auto-delete information after a certain period of time.
SmartSimple was built with the principle of data minimization in mind. Since data subject information is stored to a profile, and not to a UTA, information only needs to be collected once.
Defining your Universal Tracking Application
Whether you’re tracking a grant, a case, or anything else, you must define the parameters of any Universal Tracking Application (UTA) that holds information on data subjects. SmartSimple can provide a form for you to input critical information about the UTA such as: which categories of personal data are being collected, why the personal data is being collected, how long the information will be held, etc.
SmartSimple is working on a template for a GDPR-compliant application form.
Other compliance checks
Use our templates, or create your own templates, to ensure you’re meeting every requirement. Some compliance checklist templates include consent, the lawfulness of processing, and accessibility.
Track changes within SmartSimple allow you to provide an audit trail for your processes.
Ad hoc reporting
Make use of SmartSimple’s advanced ad hoc reporting capabilities, and report on any field within the system. If you need to assess your consent processes, create a report on it. Keep in mind, under the ABAC security protocol, when you share a report with someone who isn’t authorized to see the data- the sensitive data will be masked.
SmartSimple can help you create records of all your processing activities- a major requirement from the legislation.
SmartSimple welcomes and encourages all processor contract amendments.
SmartSimple is dedicated to developing best practices relating to the GDPR. For this, we need your help. If you’re interested in joining our GDPR working group, please contact us at firstname.lastname@example.org