Data is cited as an organization’s most valuable asset, but managing and ensuring the privacy of your data is not easy. With the implementation of the EU General Data Protection Regulation (GDPR) legislation, it is even more vital to protect your customer data. Magnitude can help companies adhere to GDPR requirements in context of broader organizational goals, enabling marketers to meet individual customer rights requirements.

Magnitude, with supporting partners, offers a fixed price initiative to get your GDPR efforts on track. The process:

1

ASSESSMENT

40 DAYS

Collect evidence
Build initial DPIA
 

[OPTIONAL]
LEGAL OPINION

2

REMEDIATION

2-6 MONTHS

Accelerated change program
Finalize DPIA

[OPTIONAL]
LEGAL CERTIFICATION

3

MONITOR

ONGOING

Operate GDPR
Compliant business
 

This solution can be offered as a fixed bid engagement due to high levels of automation.

STAGE 1: ASSESSMENT WORKSHOP

UNDERSTAND SCOPE OF IN-HOUSE GDPR PROGRAM & HOW WE CAN ASSIST

OBJECTIVES & STAKEHOLDERSUnderstand objectives (revenue pillars or service lines) & functions. Understand organization & 3rd party dependencies.
GDPR PROGRAM & ORGANIZATIONUnderstand GDPR program scope & organization. Roadmap & status. Assess feasibility of DPIA timeline.
T&Cs / CONSENTS FOR PRODUCTS & SERVICESUnderstand how scope & expiry of consents for legal use-cases is managed – how we access this for GDPR assist.
LEGAL & RISK ASSESSMENTUnderstand how comfortable stakeholders are with legal and risk assessments, make specialist referrals to assist upon request.
PEOPLE*Assess how GDPR assist can inform DPIA by identification of who accesses private data.
FIND PRIVATE DATA*Assess how GDPR assist can inform where private data is held. Check legacy platforms are feasible for remediation [or conversion].
BUSINESS PROCESSES*
Assess how GDPR assist can create data lineage & usage maps to inform DPIA re use of private data by business processes.
BREACH PROCESSING*Assess how GDPR assist can inform the impact assessment of a breach e.g. consider which private data is potentially at risk.
GDPR GOVERNANCE*Assess how GDPR assist can inform which user/dept/tool accesses private data. Assess how GDPR assist can inform SARs.
IT ESTATE*Assess how GDPR can build cross-platform data lineage & access maps to inform DPIA according to risk priority defined by client.
DATA SECURITY*Assess whether Teradata Infosec should engage to assist in-house Infosec team e.g. encryption/obfuscation and physical security.

*Informed by Teradata automation

For example, a process that took 7 months at one large company was automated in 4 weeks in a way that provides the proof that the regulator requires. This automation absorbs metadata from multiple databases, ETL tools, BI tools, and other technologies to assist with the overall results. Further, unlike many systems that just look at the lineage of data that is produced, this solution puts equal weight on discovering how data is being used.

CONSUMER

HOW DATA IS ACCESSED

  • Fingerprinting to group data into subject areas.

  • Show who uses different versions of a business metric . . .

    Inform DATA ACCURACY & DATA MINIMIZATION

  • PRODUCER & CONSUMER combine to give accurate evidence to help you to quantify risk & decide on appropriate governance

The service is non-invasive, can run entirely in the Cloud if desired, and supports ongoing maintenance and monitoring.

1 ASSESSMENT
2 REMEDIATION
3 MONITOR

CENTRAL REPOSITORY – METADATA DRIVEN
Transparency created by GDPR Assist for multiple platforms

Pricing & More Information

For pricing and more information for this fixed price service, please contact us here.