Privacy is hot
Consumers are embracing digital, and organisations are moving quickly to follow the demands of their customers, even taking the lead in offering new solutions to serve their customers’ needs. As a result of this change in behaviour, a massive amount of personal data is being processed within the numerous applications of these organisations. At the same time, consumers and businesses are becoming aware of their privacy rights. Is the private data they provide also being used for other purposes? (Social) media are eager to report on privacy issues. Reputation is at stake.

Be aware of new regulation. The European Union’s new General Data Protection Regulation (GDPR) comes into effect in May 2018. Organisations that handle personal data of EU citizens (customers or employees) must comply with this regulation. Compliance is mandatory, and regulatory authorities can fine organisations, with the highest levels being 20 million euro or 4% of global turnover.


Conduct a Privacy Impact Assessment (PIA)

A PIA is a method to identify and reduce the privacy risks of your organisation. A requirement of the GDPR is to conduct a PIA prior to the processing of personal data if the nature or scope of the processing involves a high risk to the individual. In our experience we see three types of PIA.

  1. Organisational PIA – to gain insight into the organisational risks regarding privacy.
  2. Operational PIA – to gain insight into the use of personal data in your current processes and/or applications.
  3. New Business PIA – a consistent approach to embed privacy as an organisational practice. Every new initiative needs to be checked according to the new regulation.

SMART PIA tool

The benefits

•  Quickly assess the privacy impact
•  More efficient
•  Easy to manage
•  Repeatable

           

 

The approach

To support you in this GDPR challenge, Capgemini Consulting has developed a proven, comprehensive methodology and USoft the underlying SMART PIA tooling. 

  1. Secured Approach - by determining the scope and delivering comprehensive assessments.
  2. Mastering the process - by creating awareness and training for your employees.
  3. Accurate execution - by selecting a superior PIA assessment tool.
  4. Robust reporting - to decide on your next steps.
  5. Trusted compliance – with appropriate reporting and auditing in place.

            

The tooling

The SMART PIA module is part of the SMART Privacy & Security Framework of USoft and contains several types of assessments. The whole idea behind SMART PIA is that organisations can configure their own way of working with the software. The default implementation is based on three steps.

  1. Triage – a quick scan of a few questions to determine if the process or application contains personal data. The outcome of the triage is high, medium or low risk. For high and medium risk you need to perform a PIA.
  2. Multiple PIA questionnaires - for performing the PIA. You can define different questionnaires based on the risk level or the region or whatever component is important for you.
  3. Great dashboard and reporting - one of the most valuable reports is an overview of the top 10 risks and gaps in your organisation based on the outcome of the completed PIAs. For every risk or gap you can configure remedial actions upfront.