Module: Data Protection Management

ConSense GDPR in practice

The General Data Protection Regulation (EU-GDPR) affects almost every company, as nowadays personal data are processed everywhere in some form or other. All companies and organisations that collect or process personal data must demonstrate their activities in accordance with the regulation with a comprehensible data protection concept. The implementation of the regulation is hardly possible without electronic support. With the help of our software, you can set up a transparent and reliable data protection management system that supports you in fulfilling the requirements, takes over routine activities and automates processes.

From Documentation Obligations to TOM and Processing Activities

ConSense GDPR supports you by establishing an automated management system that reduces time-consuming accountability tasks, including documentation and auditing. The initial collection of personal data takes place via workflow-supported form management. This data can be processed, for example, by categorisation or assignment according to protection requirement classes. By assigning the data protection-relevant information to the respective processes, the system offers various evaluation options and simplifies the creation of documents for the records of processing activities and commissioned data processing. In addition, the software supports data protection audits, including checklists and the organisation of planning, execution and follow-up of technical and organisational measures (TOM) for data security. Furthermore, ConSense GDPR can efficiently use parallels to quality management and create synergies.

Your benefits

Standard documentation and automated processes

The system takes over and automates time-consuming tasks and routine activities for fulfilling accountability, such as auditing, checking, releasing, resubmitting and recording employee knowledge.

Detailed Process Modelling 

The integrated process editor allows convenient and detailed modelling of processes, e.g. reporting or deletion processes. The organisational structure stored in the system enables exact assignment of responsibilities. 

Personal Data Aquisition

The workflow-supported forms management takes over the initial entry. For example: The data can be processed by categorisation or assignment according to protection requirement classes. 

Records of processing activity 

Information for the documents of the processing activities, commissioned data processing and the associated directories can be simply derived by the comprehensible and transparent relation between data protection-relevant contents and the respective processes.

Technical and organisational measures (TOM) 

Efficient organisation of the planning, administration, implementation and follow-up of data security measures takes place centrally in the system. 

Instructions

The system can also be used to clearly manage the verifiable performance of training courses and instructions for employees.

Data protection impact assessment (DPIA) 

Proven risk management mechanisms (assessment, risk matrix, etc.) are used to implement the DPIA.

Our solution for data protection management is available as a modular extension, as well as an independent solution: ConSense GDPR.