BigID Data Subject Rights Automation for GDPR & Privacy Data Sheet
0 likes205 views
BigID offers solutions for automating GDPR data subject rights, enabling organizations to efficiently manage requests for data access, deletion, and portability. Their technology correlates and indexes personal data across platforms, allowing for streamlined compliance with GDPR regulations. By providing tools for subject access reports, deletion workflows, and data rectification, BigID helps organizations protect customer privacy and manage personal information effectively.
BigID Data Subject Rights Automation for GDPR & Privacy Data Sheet
- 1. www.bigid.com • info@bigid.com • @bigidsecure Your Customers' Privacy, Protected! Automate GDPR Data Subject Rights From Request to Fulfillment GDPR Data Subject Rights Automation The EU General Data Protection Regulation is the first compliance mandate to explicitly require that data subjects have access to all the personal data that a covered entity stores about them, and the ability to modify and delete the data. Traditional discovery tools can determine where personally identifiable information (PII) is stored by type of data source, but now whose data is being processed, or even what constitutes personal information (PI) under the GDPR’s definition. BigID’s correlation and machine learning uniquely provide a comprehensive map by data subject of all personal and private data across platforms with indexing of the locations of data values in order to operationalize GDPR Data Subject Access rights. Subject Access Requests Under GDPR, data subjects can request all the data related to them that the covered entity holds and that any processing activities related to their data be suspended or terminated. Any data that can be tied back to a data subject is by definition personal and private data , including cookie IDs, IP addresses and device identity. BigID provides a one-click ability to generate a subject access report that can be used by support teams to respond to requests, or easily delivered through a self-service portal. Because BigID is built using an API-centric design, the process of generating the report by data subject can be easily automated for internal support teams, and potentially for customer or user-facing self service requests. Your Customers' Privacy, Protected! Right-to-be-Forgotten With the “Right to be Forgotten”, a data subject can request that their personal data processed by a controller be erased or deleted- except for data that is required for ongoing business processes and other compliance obligations. By compiling a comprehensive inventory of all personal data related to a data subject that incorporates an index of what attributes are stored on which systems, down to the file, column or row level across data source types, BigID can operationalize right to be forgotten requests. BigID can trigger a deletion workflow process which provides detailed information about location of all applicable data subject information, on request from a data subject. The deletion request can be routed using BigID’s integrated workflow system, or via integration with a customer’s ticketing system.
- 2. www.bigid.com • info@bigid.com • @bigidsecure Your Customers' Privacy, Protected! Automate GDPR Data Subject Rights From Request to Fulfillment Data Portability The GDPR Article 20 stipulates that data subjects have the right to move, copy or transfer personal data easily from one controller to another in a machine readable format. In order to comply with this Article without requiring resource- intensive manual steps, controllers should maintain an accurate indexing by data subject of what data they store and where. BigID provides IT operations with an actionable report on where an individual’s data resides, simplifying the process of porting data values distributed across enterprise infrastructure. A Data Portability report can also be generated for providing this information to the data subject. Like other functionality in BigID, this capability is accessible via a configurable console and programmatically via a set of APIs. BigID is redefining personal data protection and privacy in the enterprise. Organizations are facing record breaches of personal information and proliferating global privacy regulations with fines reaching 4% of annual revenue. BigID gives enterprises software to automate the security and management of structured and unstructured PI across data centers and cloud. Using BigID, enterprises can better steward their most vital assets; the customer, employee and client data. For more information email info@bigid.com or schedule a demo at bigid.com/demo. How BigID Can Help Your Customers' Privacy, Protected! Rectification As one outcome of a Subject Access Report, a data subject may request modifications or rectification of the data that the controller processes. Controllers again face the task of facilitating a rectification request in a timely manner, without a number of manual steps. BigID can facilitate the rectification process by allowing the user to submit a data rectification request through a standard form, which once submitted generates an internal change request. The BigID system automatically generates a task based on the request, assigns the task to the IT function and attaches a report on which specific values should be rectified, the requested values and where they are located - based on an existing indexing of personal data by data subject.