New cloud-based product combines four core modules into a single platform to enable easy assessment of data protection practices and GDPR compliance
February 2019 – Information security and compliance specialist Vigilant Software has launched an entirely cloud-based GDPR Manager platform to enable organisations to automate GDPR compliance activities and reduce associated costs while improving repeatability, robustness, reliability and audit trails.
GDPR Manager allows multiple users within an organisation to log on from any location, updating information such as subject access requests (SARs), breach reports, gap analysis questionnaires and third-party controls. The tool is suited to data protection officers (DPOs) and data protection managers (DPMs) in all organisations – all of whom need to automate their GDPR compliance activity as quickly and as cost-effectively as possible.
GDPR Manager comprises four modules, each of which supports a different core aspect of GDPR compliance:
- Breach reporting: This module allows users to log any personal data breaches that occur, so that they can then be reported to the local supervisory authority (the ICO in the UK) within 72 hours as per the requirements of the GDPR. This also provides a clean and clear record for remediating the data breach and informing stakeholders as to its impact.
- SAR logging: This module provides a means of logging any SARs (sometimes referred to as data subject access requests, or DSARs) received and keeping a record of how those requests have been followed up. The right of access is enshrined within the GDPR, meaning that organisations must respond to a SAR within one month of receiving it (occasionally two months under special circumstances).
- Gap analysis: This module provides the organisation in question with a means of assessing its level of compliance with BS 10012:2017, the British standard for implementing a PIMS (personal information management system), which is closely aligned with the requirements of the GDPR. The standard lays out the best-practice approach for protecting personal data, so the module helps organisations to identify the places where they need to take action in this area.
- Third-party management: This module enables the logging of any third parties that the organisation works with to process personal data. By recording information about those third parties’ data protection practices, the customer can undertake thorough due diligence in terms of ensuring that it only engages secure and robust third-party suppliers.
Gemma Platt, managing executive of Vigilant Software, said: “Now that GDPR has been in place for almost a year, the challenge for organisations has moved from getting ready for its launch, to implementing its requirements into day-to-day operations as smoothly and seamlessly as possible.
“By offering a single cloud-based portal for managing four of the most important and arduous aspects of the GDPR, our GDPR Manager tool will help organisations to make achieving and demonstrating compliance cost-effective, quick and easy. There are so many knock-on benefits to organisations’ security postures for following GDPR requirements, so the benefits of this solution should be far-reaching.”
GDPR Manager complements two of Vigilant Software’s existing products – the Data Flow Mapping Tool, which creates data flow maps and reports to enable data protection by design, and its Data Protection Impact Assessment (DPIA) tool, which helps organisations to accurately describe their processes in line with the ICO’s and WP29’s requirements for process descriptions.
Vigilant has plans to bring in new channel partners and consultants who are interested in adding a suite of cloud-based information security risk assessment modules to their portfolio. For information on GDPR Manager visit [insert link].
About Vigilant Software
Vigilant Software aims to make compliance easy. The company develops industry-leading tools for intelligent, simplified compliance, including ISO27001 risk management and EU GDPR. Drawing on years of experience in developing and deploying risk management tools and services, its product range provides businesses with regulatory software tools that save users both time and money.
Its flagship solution vsRisk is the industry-leading ISO27001-compliant risk assessment tool, simplifying and automating the information security risk assessment process for many organisations across the globe, both large and small.
Vigilant Software is a GRC International Group subsidiary. Alongside IT Governance, GRC e-Learning, IT Governance Publishing and other group companies, it provides a range of products and services that address organisations’ IT governance, risk management and compliance requirements, enabling them to meet commercial requirements and regulatory standards. The Group operates a one-stop shop that helps customers source, deploy and/or integrate an appropriate mix of solutions that focus on cyber security and cyber resilience, data protection, PCI DSS, penetration testing, management standards such as ISO/IEC 27001 and ISO 22301, and Cyber Essentials.
Luke McDowell / Jenni Livesley
Context Public Relations
*** This is a Security Bloggers Network syndicated blog from Vigilant Software Blog authored by Ingrid Then-Guiraut. Read the original post at: https://www.vigilantsoftware.co.uk/blog/vigilant-launches-gdpr-manager-to-streamline-data-protection-and-compliance