Dpia management solution

DATASHE ET

DPIA Management Solution

Streamline your process for conducting DPIAs and demonstrating GDPR compliance Under Article 35 of the GDPR, a Data Protection Impact Assessment (DPIA) is required when data processing is likely to result in a high risk to the rights and freedoms of individuals. EU regulators have identified a number of activities that are likely to result in high risk processing. Examples include sensitive data processing, large scale processing, predictive scoring, big data analytics, international data transfers, and the use of new technologies. Each DPIA must contain a number of items, including a systematic description of the processing operations and their purposes; an assessment of the necessity and proportionality; an assessment of the risks; the measures needed to address the risks. Determining which data processing requires a DPIA, conducting DPIAs and demonstrating compliance controls and safeguards can create a complex privacy program management challenge.

TrustArc DPIA Management Solution Our DPIA solution simplifies the process of determining whether a DPIA is required, conducting a risk assessment and creating a risk register, evaluating and demonstrating whether mitigating controls and safeguards are effective and concluding whether prior consultation with a data protection authority is required. It is based on a combination of powerful technology through the TrustArc platform, proven assessment methodology, and deep GDPR privacy expertise. The DPIA provides a comprehensive and structured process to comply with the requirements outlined in Article 35 of the GDPR – along with detailed remediation guidance and recommendations. The solution was developed by TrustArc GDPR privacy experts in collaboration with the Information Accountability Foundation and in conjunction with review and inputs from regulators in the EU.

TrustArc Assessment Manager Our DPIA solution is powered by the Assessment Manager module of the TrustArc platform. Assessment Manager enables organizations to quickly assess and remediate gaps across a wide range of regulations, including the GDPR. The cloud based solution is in use by over 1,000 clients worldwide and is backed six years of operating experience. The system is secure, does not require IT support, is accessible by employees worldwide, and provides a central repository of all assessments and remediation activity. US 888.878.7830 |

EU +44 (0)203.078.6495 |

www.trustarc.com

|

Š 2017 TrustArc Inc

DPIA Management Solution

DATASHE ET

TrustArc GDPR Solutions TrustArc offers a wide range of GDPR solutions including: •

DPIA/PIA Program Development – If you are new to conducting PIAs and DPIAs, our consultants can help you build a sustainable PIA/DPIA program, including identifying and training participants; identifying areas to assess and key assessment triggers; defining processes, reports, and review frequency; and much more.

•

GDPR Priorities Assessment – Our structured methodology reviews your privacy program and provides a detailed gap analysis and prioritized plan of activities needed to achieve GDPR compliance.

•

Data Inventory, Cookie Consent, Tracker Scanning, Ads Preferences and Dispute Resolution – Our privacy platform provides several modules to help you achieve and manage ongoing GDPR compliance.

TrustArc DPIA Solution Features

Comprehensive: The DPIA template covers all

compliance requirements outlined in Article 35 and EU Guidelines on DPIAs adopted in 2017.

Flexible: Begin with a simple threshold

assessment and inherent risk assessment before proceeding with a full DPIA (when required) – plus access to an assessment template library for other privacy reviews including PIAs, vendor risk legitimate interests assessment and incident response. Ability to tailor existing assessment templates and create custom templates.

Intelligent: Logic-based question sequence,

automated gap review, automated and customizable risk assessment, and detailed remediation guidance and recommendations.

Easy to Use: Friendly user interface and

streamlined workflow optimized for administrators, managers, and respondents.

End to End Solution: Manage the entire process– requesting and following up on stakeholder input; analyzing responses; assessing risk and compliance; managing remediation; generating a risk register and compliance reports as well as a DPIA outcomes report.

Thorough: Data Flow Manager, part of the TrustArc Platform, can be used to identify high risk data processing activities that may require a DPIA.

Reporting: Key privacy safeguards are recorded as the DPIA is conducted, and a custom report is produced once the assessment is complete.

Proven: The DPIA solution was developed and

reviewed by a team of globally recognized EU privacy experts from TrustArc and the Information Accountability Foundation and has been reviewed with regulators in the EU.

About TrustArc TrustArc powers privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions – addressing all phases of privacy program management. Our new name, TrustArc, reflects our evolution from a certification company into a global provider of technology powered privacy compliance and risk management solutions. The foundation for our solutions is the TrustArc Privacy Platform which provides a flexible, scalable, and secure way to manage privacy. Our technology platform, fortified through six years of operating experience across a wide range of industries and client use cases, along with our services, leverage deep privacy expertise and proven methodologies which we have continuously enhanced through thousands of client projects over the past two decades. Headquartered in San Francisco, and backed by a global team, we help over 1,000 clients worldwide demonstrate compliance, minimize risk, and build trust. US 888.878.7830 |

EU +44 (0)203.078.6495

|

www.trustarc.com

|

© 2017 TrustArc Inc

2