According to the new General Data Protection Regulation (GDPR) that will take effect on May 25th 2018 all companies and organizations need to manage personal data legally, correct and in an open way towards the registered person.
This means that there is a need for analyzing the organization to identify where personal data is stored, how they are being handled and who is handling them. By describing the processes in the organization in 2c8 you can easily complement them with objects and information that meets the demands of GDPR. In 2c8 there are possibilities to document who we are handling personal data for, what registers contain the data, where in our processes we handle personal data and what roles are handling them.
Not only can you publish this to the intranet but also extract in lists, matrices and reports to help you analyze and estimate risks on the basis of GDPR. The analysis and estimation of risks will likely result in the need of adjustments in processes and systems. Both the analysis, documentation and the prioritizing of adjustments can be done in 2c8.
Some processes needs to be adjusted, some new processes needs to be created. The map of the system and its integrations gives us an overview of where personal data is being stored and sent. Roles are added to the organizational scheme. All of this is accommodated and can be handled in 2c8.
It is not a module that need to be bought in addition to 2c8, it is just a method that structured can be built with 2c8 standard functionality.
See what this customer has to say about the solution: