Posts

Subject Access Requests Solutions

Process SARs in minutes, not days

The Exonar platform provides automated, intuitive and rapid processing of subject access requests (SARs), substantially reducing costs and decreasing disruption to your organisation.

After 25th May 2018, when the EU’s General Data Protection Regulation (GDPR) came into force, organisations can no longer charge for producing SARs. This means you should prepare for a significant increase in the number of requests your organisation handles. In our recent survey 57% of individuals said they would want to request their data as there is now no cost.

SARs can be over 800 Pages Long. Where do we start?

Subject access requests can cross many business units, departments, systems, processes and people. Often the only way to deal with them has been to email line management and request printed copies of the information requested, coralling that information then sending it to the customer via courier.

There’s an easier way. Use Technology

Connect to all of the sources of your customer data; emails, databases, word documents and spreadsheets, in your fileshares or in the cloud. Build an index of all of that information so that you can search it, instantly. Use machine learning to help guide you to all of the right and less of the wrong information. Manage your SARs online and track them as they progress.

Doctor! Doctor! I have a SAR – How Long is the Waiting List?

A First-Hand Account of the Problematic Role of SARs Processing
It’s widely known that resources within the NHS are stretched. So what happens when an institution that is already buckling under the pressure receives a consistently large volume of SARs with tight delivery deadlines?
Read More

The Exonar platform continuously indexes all of your organisation’s data, meaning producing a subject access request is simple, quick and efficient:

Process, redact and produce SARs directly from the Exonar platform, without needing to scan or photocopy information
SAR dashboard shows you where you are with cases, and who you’re waiting on
Create simple templates to enable untrained users to find information relating to an individual
Review documents without needing to access the originals
Use machine learning to identify and redact personal and commercial information

CIO Solutions

Harness your data – unlock your assets

Gartner’s 2018 CIO Survey (above) plainly reveals that the job of the CIO is changing. As digitalisation
and innovation put more emphasis on the information rather than the technology in “IT,” the CIO’s role is transforming from delivery executive to business executive. They must now control costs and re- engineer processes to drive revenue and exploit data.

So, how does a CIO transform their organisation to help drive revenue and the exploitation of data whilst controlling costs and facilitating these business objectives?

According to The Economist ‘the world’s most valuable resource is no longer oil, but data’. Therefore, the Chief Information Officer should be an organisation’s most valuable asset. However, many are struggling to operate at their full potential. Time and again, strategies are defined and goals are set but the fundamental data question remains –

“I don’t even understand what data I’ve got. Where do I start so I can begin using it?”

By answering this seemingly simple yet complex question, CIO’s are able to advance the objectives of their business, transforming the model whilst supporting the digital agenda.

Often seen as a risk, we want to demonstrate that rather than being something to be concerned about, data can be controlled and turned into an asset.

The Issues With Today’s Solutions

If ‘data is the new oil’, then the ability to use the information we hold about our customers and businesses appropriately and in context is the key to digital transformation and organisational success. In this new world, the ability to remove friction from the customer journey whilst efficiently ensuring the safety and security of the data becomes paramount.

If we assume that to harness and control data we first need to know what we have, we can see that there are a number of approaches currently being deployed to establish a foundation:

  • Clipboard exercises interviewing line management to ascertain where the organisation thinks its data should be and what the data flows should look like. Time intensive, often requiring external consultants and delivering an espoused view as opposed to reality often facets this approach.
  • Tackling structured data with a barrage of queries often yields results but precludes all of the unstructured data both within those structured sources (like CRM systems) and the ‘Wild West’ of shared drives, email platforms, cloud storage systems and ‘servers under a desk in Stoke’.
  • eDiscovery systems can be deployed to try and forensically assess what data is out there. Expensive, restricted and with an inability to respond quickly, these systems only get a partial job done. Our system reduces the size of your data lake, minimising Data Analyst’s effort to complete the task.
  • Data Governance Solutions are utilised to try and control users and their access to, and use of, information. Largely focusing around directories and fileshares but with rules and some AI, these tools do their job but on a limited set of data up to a capped scale with some, but often restricted, insight into what’s going on with the information estate.
  • Data Loss Prevention (DLP) platforms are acquired to get control on the data and how it flows. Expensive, lengthy and with inflexible rule matrices that can often take 2 years to develop and can become obsolete in an instant means that this ‘hard code’ approach to try and tag and bag data to get it under control and understood often falls short of the overall goals.
  • Data Management platforms like Hortonworks provide powerful tools to leverage data and understand it. However, they are often mired in lengthy development cycles and require hard-to- recruit and retain developers and technologists.
  • ‘Traditional’ storage systems such as a SAN allow organisations to easily add data capacity but not to automatically manage or control information based on content and therefore relevance.

Click here to download the PDF version of this guide.

The Smart Alternative

The diagram below provides an architectural overview of the Exonar Information IntelligenceTM platform and how this platform has been harnessed to create a new concept in data management – Search Optimised Smart Storage (SOSS).

Exonar Search Optimised Smart Storage

The verb SOSS means ‘to move gently’. The movement of data, or data control, within an organisation is crucial not only for controlling Total Cost of Ownership (TCO) but also for utilising information as an asset and managing information as a risk.

Search Optimised Smart Storage (SOSS) from Exonar allows intelligent data control policies to be defined through the powerful and flexible search capabilities inherent in the Exonar Platform. SOSS provides the capability to automatically move data to the right location with the right performance and protection based on the data’s content, metadata and importantly, its value and risk. Crucially, SOSS moves data gently enough that it always remains searchable, discoverable and accessible to the right set of people and applications.

SOSS Platform Capabilities

  • Optimising TCO and performance for frequently accessed data through smart storage tiering.
  • Placing verbose or repeated data into Deduplicated and Compressed storage locations.
  • Moving important data to storage locations with DR policies that define data appropriate Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).
  • Reducing TCO for orphaned, stale and rarely accessed data by moving from ‘hot’ to ‘warm’ or ‘cold’ storage (e.g. cloud storage).
  • Protect sensitive data by moving it to an encrypted and access restricted storage location.
  • Retention and records management via search based retention policies that control not only where data is kept but how long it is kept for.
  • Enable rapid data production for regulatory production (such as GDPR Subject Access Requests)

But How?

The Exonar platform is uniquely positioned to combine massive scalability, speed and data ingestion from almost any source. It has the ability to interrogate and analyse content rich data in bulk or at the level of an individual item, in near-real time. This is delivered on a clustered and resilient software and hardware platform that can economically scale to a range of customer data requirements and sizes; from around 100,000 up to billions of items. Exonar’s platform provides: integration, coordination and deployment of scalable big-data technology on commodity hardware, the use of Machine Learning and natural language processing techniques to understand and classify information, and the use of indexing and a user-experience layer to provide insight for our clients, with security always top of mind.

The vast amounts of data and variety of usage patterns pose a number of challenges:

Data presentation – users are provided the high level insight they need as well as an ability to zoom in and work with individual documents.
Finding the needle in a haystack – users can easily locate that one document they care most about amongst 10s or 100s of millions of documents in their organisation. This requires a powerful search interface, flexible schema and fast response times. An intelligent platform backed by Machine Learning makes it possible to automate processes which otherwise would require a huge amount of manual processing.
Scalability – the high volume and variety of data and fast rate of growth put Exonar firmly in the Big Data category. As our customers’ data volumes increase, the platform is designed to scale up with the volume.
Evolving requirements – we are able to quickly react to the needs of our customers and pivot when necessary. Using open source components at the core of our platform enables us to take features to market quickly, focus on solving the most pertinent problems and provides clients with the assurance of long term utility should Exonar no longer exist.

Exonar has an open framework that can connect to all of the most frequently used business information systems. Implementation is rapid and the platform delivers results from day one of installation. We employ a layered architecture which takes data from external systems and applies a series of processes to understand and index it, making it available for interrogation by users and other systems. For organisations with more complex environments, custom connectors are created to integrate legacy systems data into this new environment. The platform doesn’t need an analyst to operate it and is accessible by a regular business with a half day of training.
Exonar is provided as a scalable appliance. It is licensed on an annual basis against the amount of data indexed, with sliding scale discounts applying to larger data volumes, and includes all hardware and software support and maintenance as well as product updates.

Leveraging The Exonar Platform

Clients are deploying the Exonar platform to solve a range of business imperatives, such as:

Data Privacy

  • Achieve and maintain compliance with Data Privacy regulation like GDPR, CCPA and POPI
  • Process access requests for personal data in minutes, not days
  • Create a Data Inventory of ALL your data.

Partner Data Indexing

  • Reduce costs in limiting time finding your partner data
  • Index data remotely, improving operational efficiency.

Cloud Bloat

  • Detect cloud data classified as ‘digital litter’ – duplicated, outdated and trivial
  • Organise information to speed up usability, efficiency and governance.

Records Management

  • Assemble practical intelligence on data and file location and sensitivity
  • Drill into specific files of the same subject, regardless of location and format.

Information Security

  • Discover and understand your sensitive information, what it is, where it is and who has access to it to ensure it can be properly and appropriately protected.

Data Lake Filtering

  • Our eDiscovery tool reduces your data lake, minimising human effort.

The Exonar Advantage

Intuitive User Interface

  • You don’t need to be a data scientist or an analyst. Simply connect Exonar to your network and our easy-to-use dashboards enable you to pull charts up and drill to any level of detail.

Intelligent Classification

  • Intelligent Classification automates the process of identifying patterns in documents and categorising them for protection, accessibility or deletion. Categories are defined by anything a user can search for, such as document markings, location, authorship, accessibility or contents.

Massive Scalability

  • Exonar’s ability to search billions of enterprise documents and return not just one but all of the most relevant results swiftly is enormously powerful. Our product can be scaled horizontally and can be installed either on-premise or in the cloud.

Boundless Connectivity

  • Exonar has an open connector framework allowing it to connect to almost any data source.

Near real time performance

  • Exonar’s platform delivers near real time responses to queries so it can be utilised both for single instance and ongoing monitoring of information assets. In addition, users can interrogate information from day one with a single ‘crawler’ ingesting around a million items a day.

Customer Obsessed Culture

  • Exonar’s agile culture sees our development process evolve through iteration, continuous feedback and evolution. We are highly focused and work collaboratively with our customer base to deliver a solution that can enable your digital transformation.

Exonar Background And Experience

The Exonar platform was originally developed for the needs of clients in the Defence sector. The system enabled them to understand their Intellectual Property, assess the ramifications of its loss including the business impact, and to help design improved processes for future protection.

We are an innovative technology company, based in the UK. This year we were selected by one of the UK’s largest retail banks over IBM to meet their initial requirements for ‘life after GDPR day’ and their platform for information management. We were selected by them not just for the unique capability of our technology but to deliver their information insight swiftly, simply and at scale because of our innovative approach and our ability to react to changing customer requirements. As a company, we pride ourselves on being utterly professional whilst maintaining our belief that people don’t want to deal with ‘the Corporate Entity’, they want to deal with real people who they can work with to solve their business problems.

We partner with the ‘big four’ consulting firms and specialist ‘boutique’ partners to deliver projects and ongoing programmes. Our investors include Amadeus Capital Partners and Winton Ventures, two of Europe’s most respected Venture Capital firms.

Where Do I Start?

The answer is to simply start. The task does not have to be approached as a big bang and no elephants need eating. Exonar can help you plan your approach and the benefits are almost immediate – the index that is created is searchable from day one. Every organisation is different with a balance bias between structured and unstructured data, different employee behaviours and different blends of knowledge and process workers but all yield benefit. The business benefits of action are clear, the rewards tangible and attainable. For the first time, discovering your information advantage is simply and easily achievable.

The first step in the process is to get in touch with Marcus Hill who will organise a walk-through of the platform for you and your team. Marcus can be contacted via 07793 857122 or marcus@Exonar.com

In return, you could have peace of mind with regards to your GDPR Compliance, PII, Cloud Migration, Information Security and many other of your data challenges.

Click here to download the PDF version of this guide.

 

 

 

 

Information Security Solutions

Information Security Solutions

Unstructured information in file shares all over your network, containing your organisation’s plans, staff and customer’s personal information. Sound familiar?

Unstructured information equals risk

In every organisation, the unstructured information on your network represents the ‘wild west’ of the security landscape. Ungoverned and seemingly ungovernable. Not only does this make information difficult to find and use, it makes the job of managing the security risks of all that barely managed information seem insurmountable. This medieval approach to security, building ever higher and thicker walls around your organisation’s data, can only work whilst the whole organisation’s value can be contained within those walls. With the advent of cloud, mobile computing and ever extending supply chains, those days are gone.

The traditional approach to solving this problem has been to harden systems and borders.

Understand your information

Understanding what you have, where it is, how old it is and who has access to it enables you to tidy up, tighten up and concentrate your often limited resources on ensuring that the most sensitive and most valuable information is best looked after.

Putting the information at the centre of security overcomes this issue.

It’s dangerous to go alone

The Exonar platform has the flexibility to enable you to filter and focus on what really matters to meet your information security requirements. By plugging into fileshares, shared drives, mail servers and cloud storage systems you are now able to get a holistic view of your unstructured information. Millions of documents and Terabytes of files can be indexed and understood. Reports can be generated on what’s where and how sensitive it is. Individual files can be drilled into and all other files (wherever they may be located) about the same subject can be identified instantly.

Download Information Security brochure

Cloud Migration Solutions

Cloud migration without the risks

Migrating everyday business information to one of the many cloud services such as Box, Dropbox or Office365 makes sense for almost every organisation.

Everyone’s migrating

Even traditionally risk adverse industries such as Finance, Government and Defence are adopting this model as they see the benefits of collaborative working whilst reducing the need to manage infrastructure. However, the question as to what can and should be moved must be addressed during migration projects.

Cloud migration can provide cost savings and productivity improvements.

Migrations equal regulations

Information is increasingly the subject of regulation. From EU GDPR dictating the nations deemed fit to hold EU Citizen data, to UK Government regulating how protectively marked information must be treated, or a hundred other industry specific regulations on how and where information can be stored, a poorly planned cloud migration project will expose your organisation to substantial additional regulatory and financial risk.

Cloud migration without the risks

Understanding what information you have, where it is, how old it is and who has access to it enables you to make sense of your unstructured information and prioritise what information should be de-duplicated, what should be archived, what should be deleted and what should be carried forward to your new cloud infrastructure. The Exonar platform enables you to cleanse information of unwanted and risky information, leaving your staff with just the valued information, properly protected, easily located and accessible within your chosen cloud service.

Download Cloud Governance brochure

CCPA Solutions

Generation privacy has begun

In the last 12 months, data privacy has moved from a niche topic to something talked about at almost every corporation’s board meeting.

The EU GDPR, which came into force on May 25th, 2018, covers data held on any EU citizen and enforced new accountability for organizations processing personal data.

With the legislature passing the California Consumer Privacy Act 2018 (AB 375) on June 29th 2018, there are now a similar set of rules governing most organisations holding data on US Citizens.

Exonar simplifies compliance with the California Consumer Privacy Act (CCPA) by getting right to the heart of the matter: Finding, Mapping and Managing your data.

How Exonar can help with CCPA

Data Mapping and Inventory

Data Subject Access Requests

Data Portability

Enforcing Compliance

Right To Be Forgotten

Meet the Personal Data Privacy dashboard

Exonar’s Privacy dashboard provides a top-down view of your organisation’s information in relation to the EU GDPR and California Consumer Privacy Act (CCPA).

It shows a comprehensive picture of all the data held which is relevant to these laws, where it is held and its characteristics.

This view will take your organisation beyond spreadsheets and interviews, and into the realm of making well-informed decisions, rapidly.

Where Do I Start

Preparing for CCPA will share many characteristics with those undertaken for GDPR:

Assemble the team: Include Executive Sponsors and stakeholders from Legal, Compliance or your data privacy team, people with oversight of you corporation’s technology and it’s security and representatives from the key personal data owners in your business (e.g. HR, Sales, Marketing, Customer Service).

Get started with a data inventory. Prioritise information stores likely to contain personal data and those with poor governance. Be practical, start with those that are easy to create an inventory form.

Don’t rely on your corporation’s answers to questionnaires for your data inventory, or you will get an idealistic view of your risk (your head of marketing is likely to say the personal data they process is in the marketing system, forgetting that it got there via email and has been exported into spreadsheets). You will need technology to do this effectively (and we can help!)

Establish a culture of security and privacy and ingrain this into your day-to-day operations. Communicate a simplified overview of CCPA to the key stakeholders.

Create and practise your business processes that will be required to satisfy the rights of the individual (Access to data, erasure, breach notification).

CCPA versus GDPR

There are many similarities and some key differences between GDPR and CCPA. Here is Exonar’s take:

Basis for consent

GDPR – Opt in

CCPA – Opt out

Who it applies to

GDPR – Any organisation holding personal data on EU citizens

CCPA – For-profit entities that process personal data of California residents and either:

Do $24 million in annual revenue

Hold the personal data of 50,000 people, households, or devices

Do at least half of their revenue in the sale of personal data.

Rights for individuals

GDPR – Access to data being held, right to erasure, correction, object to automated processing. Right to notification if there is a data breach.

CCPA – Right to disclosure and objection relating to who data is being sold to, no discrimination if individual objects to data sold. Right of access to data being held. Right to know how personal data is being used. Right to know who data has been provided to.

When does it come into force

GDPR – May 25, 2018

CCPA – Jan 1, 2020

Financial Penalties

GDPR – 4% of turnover or €20m (whichever is greater)

CCPA – $7,500 per violation. $750 or actual damages for each individual, whichever is greater

Time allowed to respond to a request

1 month

45 days

NB, California resident is defined as, “(1) every individual who is in the State for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the State who is outside the State for a temporary or transitory purpose.

The CCPA – The Definitive, Easily Searchable Text

Follow the link below to read the full California Consumer Privacy Act text, with each section clearly marked and searchable.

The legislature passing of the California Consumer Privacy Act 2018 (AB 375) happened on June 29th 2018, and these new rules will now govern most organisations holding data on US Citizens.

Read More

GDPR Solutions

Generation privacy has begun

Previously, personal data was owned by whoever collected it. With the introduction of the GDPR, personal data is now owned by the subject. GDPR creates a standardised set of expectations as to how your organisation must manage personal data in this new world.

GDPR has been described by some as being the most significant regulatory framework to hit companies since the Sarbanes-Oxley act. With a stated objective to “give citizens back control of their personal data and to simplify the regulatory environment for business” it will impact every single European individual who has shared their personal data with an organisation and every single organisation that holds information on any European individual.

Exonar simplifies GDPR compliance by getting right to the heart of the matter: Finding, Mapping and Managing your data.

How Exonar can help with GDPR

  • Data Mapping
  • Data Subject Access Requests
  • Data Portability
  • Enforcing Compliance
  • Right To Be Forgotten

Meet the GDPR dashboard

Exonar’s GDPR dashboard provides a top-down view of your organisation’s information in relation to the EU GDPR.

It shows a comprehensive picture of all the data held which is relevant to GDPR, where it is held and its characteristics.

This view will take your organisation beyond spreadsheets and interviews, and into the realm of making well informed decisions, rapidly.

Exonar GDPR Workshops

Personalised and conducted at your offices, this session will deliver a phased and prioritised GDPR data management plan that can be actioned and will deliver results immediately.
We’ll share how others are organising their programmes and applying the Exonar methodology to deliver a prioritised plan for discovery and analysis that can be put into action quickly.

Data – the core of GDPR

Data will be one of your primary concerns. The legal and operational requirements that GDPR places on companies are wide-ranging and impact everything from the people employed by the organisation, through to policies, processes and technology. GDPR is clear that individuals have a series of rights when it comes to how their data is collected, stored, used and disposed of by organisations. This means not only do business leaders have a lot to consider in making sure their organisation is able to fulfil their GDPR obligations, but that if they don’t understand where their data is, they won’t be able to comply.

The price is high for non-compliance

The large financial penalties of non-compliance have been frequently reported. However, the risk is far greater than one fine. With GDPR allowing individuals to take class actions against organisations that mistreat their data, any organisation that is subject to a data leak / hacking incident can expect to receive individual lawsuits which will not only increase the financial loss, but also consume vast amounts of time in settling individual litigation.
With this understanding in place, data management becomes the primary activity for any organisation under the GDPR.

Data management begins with discovery

What the GDPR forces business leaders to consider is where every single piece of personal data is across their IT estate – including the Cloud. Taken in this context, the question of the data that an organisation holds on individuals becomes a far more complex one to answer, and one that is going to require time, resource and budget. A thorough approach to data discovery, properly implemented, will lead you to data that you did not know about.

The EU GDPR – The Definitive, Easily Searchable Text

Full acknowledgement to the gdpr-info.eu project who have a neatly arranged, easily searchable PDF version of the General Data Protection Regulation (GDPR) including its recitals. The EU data protection reform was adopted by the European Parliament and the European Council on April 27th, 2016. The European Data Protection Regulation became applicable as of May 25th, 2018 and replace the Data Protection Directive.

Read More

GDPR Resources

  • GDPR Preparation
  • Personal Data Brochure
  • GDPR Whitepaper
  • GDPR Definitive Guide

 

Event Update – Join us for our Exonar meet-up in London

We’re delighted to be partnering with Brown Rudnick who will host a meet-up at their London offices on Tuesday, June 18th.

One year on from the start of the new GDPR regime, Exonar and Brown Rudnick invite you to join us to discuss the trends, issues and lessons learnt from the last 12 months. The session will be followed by a drinks and canpé reception for networking.

Topics will include:

  • Weaponising SARS – litigation friend or foe?
  • GDPR class actions – just around the corner?
  • What data can be excluded from a SAR response?
  • The €50m Google fine

Our panel will feature:

  • Mark Lubbock – Partner (Intellectual Property and Technology), Brown Rudnick
  • Adrian Barrett – CEO & Founder, Exonar
  • Gilbert Hill – CEO, Tap My Data
  • Ben Falk – Founder, Yo-Da
  • Anya Proops, QC – Barrister, 11 Kings Bench Walk
  • (Chair) James Cole – Partner (Corporate), Brown Rudnick

Date: Tuesday 18 June 2019

Venue: Brown Rudnick LLP, 8 Clifford Street, London W1S 2LQ

Time: 18.00 – 21.00

To book your space, please visit: http://exo.nr/meet-up
We hope you can join us!

 

Missed Our Webinar? Watch ‘The Perfect Privacy Programme’ Now

GDPR One Year On: What Does a Perfect Privacy Programme Look Like?
Free Web Conference – Brought to you by Exonar. Your chance to view the recorded webinar.

One year on from the introduction of the EU General Data Protection Regulation (GDPR), join Exonar and experts from the field in discussing ‘What does a perfect privacy programme look like?’

In this web conference we will hear from our panel of experts as they discuss:

  • What are the necessary components of an enterprise-level privacy programme?
  • How do we optimally assign roles and responsibilities within a privacy programme?
  • How can we most effectively create and manage accurate personal data inventory? (Article 30 – Records of Processing Activities)
  • How do we best monitor for GDPR compliance using both manual and technical controls?
  • What is the best way to deliver privacy training to our employees?
  • What are the most effective tools available to satisfy individual rights? I.e. Subject Access Requests (SARs), Right to be Forgotten, data deletion and retention.

In addition to discussion from the field, our panel will also discuss Exonar’s recent findings based on surveys of 100+ organisations and consumers into:

“What’s Next with Personal Data Inventory?” – Exonar have profiled 100+ organisations’ attempts to create personal data inventory. One year on we ask what monitoring and compliance actions they are now planning to take as a result.

“Consumer Attitudes to Subject Access Requests (SARs): A SARvey” – Exonar have surveyed 100+ consumers to assess their sentiment towards data privacy and the ability to exercise their privacy rights.

Host:
John Tsopanis, Data and Privacy Director, Exonar

Panelists:
Ralph O’Brien CIPM, Vice Chair UK Data Protection Forum, Principal Reinbo Consulting
Sophie Payne, Customer Success Lead and Data Scientist, Exonar
Ben Falk, CEO of Yo-Da, Your Data

Run time – 41 minutes.

 

Book a demo or a free trial  to learn more about how the Exonar platform can transform your data.

Missed Our Webinar? Watch ‘The Perfect Privacy Programme’ Now

GDPR One Year On: What Does a Perfect Privacy Programme Look Like?
Free Web Conference – Brought to you by Exonar. Your chance to view the recorded webinar.

One year on from the introduction of the EU General Data Protection Regulation (GDPR), join Exonar and experts from the field in discussing ‘What does a perfect privacy programme look like?’

In this web conference we will hear from our panel of experts as they discuss:

  • What are the necessary components of an enterprise-level privacy programme?
  • How do we optimally assign roles and responsibilities within a privacy programme?
  • How can we most effectively create and manage accurate personal data inventory? (Article 30 – Records of Processing Activities)
  • How do we best monitor for GDPR compliance using both manual and technical controls?
  • What is the best way to deliver privacy training to our employees?
  • What are the most effective tools available to satisfy individual rights? I.e. Subject Access Requests (SARs), Right to be Forgotten, data deletion and retention.

In addition to discussion from the field, our panel will also discuss Exonar’s recent findings based on surveys of 100+ organisations and consumers into:

“What’s Next with Personal Data Inventory?” – Exonar have profiled 100+ organisations’ attempts to create personal data inventory. One year on we ask what monitoring and compliance actions they are now planning to take as a result.

“Consumer Attitudes to Subject Access Requests (SARs): A SARvey” – Exonar have surveyed 100+ consumers to assess their sentiment towards data privacy and the ability to exercise their privacy rights.

Host:
John Tsopanis, Data and Privacy Director, Exonar

Panelists:
Ralph O’Brien CIPM, Vice Chair UK Data Protection Forum, Principal Reinbo Consulting
Sophie Payne, Customer Success Lead and Data Scientist, Exonar
Ben Falk, CEO of Yo-Da, Your Data

Run time – 41 minutes.

 

Get Instant access to the webinar:


Book a demo or a free trial  to learn more about how the Exonar platform can transform your data.

What Next With Your Personal Data Inventory (Article 30)?

3 Step Guide, Survey Results and Article 30² Toolkit

What Next With Your Personal Data Inventory (Article 30)?

Data privacy legislation requires organisations to discover and document their personal data processes e.g. GDPR – Article 30 ‘Record of Processing Activities’. For most organisations the simplest way to fulfil this obligation is to create and maintain a Personal Data Inventory.

Understanding what data you have, why you have it, where it is processed, who can access it, when it should be deleted, and how it is secured is the foundation of any data privacy or cyber security programme that aims to protect personal data and comply with data privacy legislation i.e. GDPR, CCPA, PIPEDA, PDBP and more.

Exonar Survey

Exonar surveyed 104 organisations to understand their experience discovering and operationalising their Personal Data Inventory. We have detailed the findings of this survey alongside a 3 Step Guide to Personal Data Inventory and Article 30² Toolkit.

Our first section on data discovery and personal data inventory will be most useful for organisations who are planning to create their Personal Data Inventory (e.g. those preparing for the California Consumer Privacy Act (CCPA) in 2020).

Our second and third sections will be most useful for organisations who have already created their Personal Data Inventory (e.g. those complying with General Data Protection Regulation (GDPR) from May 2018) to explain next steps for monitoring and compliance activities.

The Article 30² Toolkit can be filled to help you structure your journey through this process.

Download: What Next With Your Personal Data Inventory (Article 30)?

Download: Article 30² Toolkit