Data protection is set to take an important step forward when the General Data Protection Regulation (GDPR) comes in to force May 2018. The GDPR extends the privacy rights granted to EU individuals, and places many new obligations on organisations that process EU personal data, regardless of which country they are in.
Ideagen provides software and services to help customers strengthen governance and oversight, anticipate and manage risk, and improve regulatory compliance. As a supplier of compliance based information management software, Ideagen is committed to GDPR and the principals therein.
Ideagen take this opportunity to assure our staff, partners, customers and stakeholders that we are committed to GDPR compliance when enforcement begins May 2018. A Data Protection Impact Assessment (DPIA) is underway to document the kind of personal information we hold, how this information is collected/used/stored and how it must be protected. We request the same assurances from our suppliers.
We have analysed the requirements of GDPR and are enhancing our products, processes, controls and documentation to ensure compliance with GDPR. We have issued product specific statements for Q-Pulse, Q-Pulse Risk, Pentana Performance and Easysite.
These detail GDPR specific information, including:
- Identification, search, retrieval and purging of personal data relating to an individual.
- Capture of informed consent.
- Access control, session management and password management.
- Hosted and cloud services.
Ideagen have embedded the principle of privacy first into our product and development lifecycle, understanding that all our users are data subjects, and that protecting their data is paramount. Strong encryption and fine grain access control are key techniques that assure our customers that their data, specifically user data, is secure.
We are well underway with further enhancements including consent management user journeys for authentication and data portability for subject requests. In the coming months we will release further information on how our products support GDPR compliance.
At the same time, we are interested to hear from customers about their own journeys towards compliance. It’s critical that we fully understand how customers are planning their integration of our products into their overall approach to compliance.
Contact us if you would like to discuss your journey to compliance. Ideagen's Corporate Security and Architecture Overview documentation is also available to assess the controls already in place to protect all data we hold and process.
Ideagen welcomes this opportunity to reconfirm our commitment to data protection.