Sypher Suite is a DPO Virtual Assistant that helps businesses simplify their GDPR compliance analysis and prevent expensive mistakes.
The platform acts like a DPO Assistant who collects the pieces of information necessary for GDPR compliance process from Data Stuarts. This Virtual Assistant is also able to make correlations between different pieces of info introduced in the platform by various departments like Business or Legal and to further offer suggestions based on the data collected so far. It works on algorithms based on patterns and it breaks the information in smaller chunks.
But let’s see, step by step, how Sypher Suite can help your company achieve and maintain GDPR compliance, from the data discovery to DPIA.
The first step towards GDPR compliance is to create the GDPR register. That means identifying and describing your business activities that use personal data. The Register forms the basis for all your compliance analysis. That’s why it’s important to make sure that the process is carefully carried on. Any mistake here will be reflected later in the documentation. Sypher Suite provides step by step guidance to help you import or create your GDPR register.
Once the mapping is done, the business processes, processing activities and mapping elements are seen as logic schemes to facilitate further analysis. Your GDPR register structure can be customized and exported in different formats.
You always have to remember that GDPR compliance is an ongoing process. Departments need to perform modifications within the register, as a result of different changes in the company. The platform sends email notifications for you to review information when: risk changing modifications are performed; reviews are due; mapping elements are introduced but not used within the mapping.
Usually, GDPR compliance process involves many people in the company, so differences may occur. A usual problem appears in the mapping stage where people use different words for the same thing. In Sypher Suite you can predefine lists to standardize the vocabulary used in the mapping and register. Moreover, they can be shared across multiple projects to ensure reporting consistency.
Another problem is that information flows through different channels and is stored in various places, leading to fragmentation. Sypher Suite acts as a central repository where everything is organized, with history and traceability.
Data accuracy can be challenging in large projects. The platform provides a mechanism to ensure information is reviewed and approved before being included into final documentation. Most of the personal data processing is performed by people with little or limited GDPR knowledge. A formal and continuous training is therefore needed to make sure these people won’t make mistakes that could lead to company’s lack of compliance.
The DPO can use the platform to quickly document the processing activity and train these colleagues. There is also a mechanism to create individual accountability within the business departments. Accountability is enhanced by the fact that changes are kept in a log of modifications, identifying who performed them.
Last but not least, Data Subjects Requests could be a potential source of complaints or even fines, when not managed properly. Sypher Suite provides a tool to register and assign tickets for each request. Tickets can also be automatically added to the platform using the API. The DPO is also notified when the deadline to answer a request approaches or if the person in charge of a ticket is not active anymore.
If you want to see in detail how our Virtual Assistant can support your business, contact the author in LinkedIn.
Sorin Vladescu | Bucharest, Romania | Helping companies to identify GDPR errors and risks with the help of Sypher suite – Virtual GDPR Assistant.