Productive24 in practice: secure personal data management

Jolanta Kozak
Productive24 in practice: secure personal data management
4 min.

How to manage personal data within an organization in a secure and responsible manner? It is definitely worth considering a dedicated IT system – GDPR Productive24.

The GDPR Regulation has imposed upon companies a number of explicit obligations related to the adequate processing of personal data. These changes affect various departments in the organization including HR, finance, administration, accounting, sales, IT, customer service and many others. Wherever personal data is involved, employees must pay utmost attention to the provisions of the GDPR, while the responsibility of entrepreneurs lies in ensuring the highest standards of data protection in the company. A tarnished reputation is just one of the risks facing companies that do not comply with GDPR requirements – penalties for data protection infringement can be very severe and can amount to EUR 20,000,000 (or 4% of the total annual global turnover for the previous fiscal year). One of the obligations of entrepreneurs (personal data controllers) is to ensure appropriate technical and organizational measures in order to comply with the obligations imposed by the GDPR. This can be achieved through implementing GDPR Productive24.

What is GDPR Productive24?

GDPR Productive24 is an IT system based on the platform Productive24 which allows secure and effective management of personal data processing in an organization. Owing to the fact that the system is based on the Productive24 platform, it is possible to quickly and flexibly modify it and adapt it precisely to the needs of a given company, as well as to the changing legal requirements or new interpretations thereof.

The basic features of GDPR Productive24

  • Easy access to data.

The solution ensures simple management of authorizations to access and process data. With the interactive dashboard, the DPO (data protection officer) can find – in one place – all important information about expiring authorizations and consents, authorization lists for selected resources pending for acceptance, as well as reported requests from data subjects and information about data protection violations, along with their processing status.

  • Notification system.

One of the important parameters taken into account when assessing the effectiveness of the data controller’s operations in the event of a breach of GDPR requirements is the response and processing time of a given notification. The flexible notification system of Productive24 enables the modelling of any multi-channel path of notifications (system notifications, e-mail, push) of new reports, as well as changes to the status of already processed reports or upcoming deadlines which require a given action. In the absence of corrective measures remedying the effects of the infringements, the system allows for an escalation path (according to an established procedure).

  • Consent and request management.

The GDPR Productive24 software supports consent management and granting authorizations to process personal data in accordance with the guidelines set out in the regulation. This enables automation of such activities as collecting specific statements with their current status and date of validity, with all consents to process data being recorded in one place. The solution also supports the processing of requests to change the scope of processed data or delete it. Thanks to Productive24’s advanced system of privileges, GDPR Productive24 can also be used to grant and control access to individual data and/or datasets either hierarchically (based on user’s specified system rights) or individually.

  • Risk management.

All incidents that threaten data security should be reported to Personal Data Protection Office (UODO) within 72 hours of receiving such a notification by the data controller. With Productive24, the process of reporting violations is clear and transparent. Additionally, the system features a risk analysis matrix, which enables the estimation of the probability of a given incident and its consequences, including corrective measures. This process helps to minimize the risk of occurrence of the given incident in the future.

  • Registers related to the processing of personal data.

GDPR Productive24 ensures easy management of current registers (register of the processing activities, register of the categories of processing activities, register of access authorizations) along with information about all activities and operations performed on personal data. This enables better control of all changes and optimization of the data management process.

What makes GDPR Productive24 so special?

Thanks to the flexibility of the Productive24 platform, all components of the GDPR Productive24 system and activities related to personal data management can be linked to any process within an organization.

The flexibility of the system enables exercising effective control over personal data processing regardless of changing circumstances. The system can be modelled to fully reflect the processes of granting and managing authorizations and other processes related to the processing of personal data in an organization. Owing to the fact that Productive24 has robotized the creation and modification of software, changes to the ready-to-use system can be implemented instantly, even within a few minutes.

In addition, all features of GDPR Productive24 are available both via a standard web browser (online, RWD technology) and in the form of native mobile applications for Android, iPhone and Windows 10 that run offline.

More than GDPR – the Productive24 application ecosystem

GDPR Productive24 allows continuous monitoring and control of the company’s personal data management process so that it is secure and effective. It can be used as a stand-alone solution or additionally equipped with ready-to-use Productive24 systems and functional modules, such as human resources management (HRM), project management, customer relationship management (CRM), budgeting, document creation and workflow, resource reservations, requests, and orders, knowledge base, training and surveys, records and registers, handling complaints, etc.

You are welcome to contact us!