The new Rever and Actecil software suite to help companies comply with the GDPR repository
In just one year, on 25 May 2018, all European companies or established in the European Union will have to comply with the new General Data Protection Regulation (GDPR), concerning the « regulation concerning the individual data privacy protection and the circulation of these data ».
However, in such a short time, to comply with the new European regulation (and stay there) is a real challenge for companies, both from an organizational and a technical point of view, as Dominique Orban, from Belgian company Rever specializing in data processing and corporate information, points out :
The multiple activities supported by IT applications, the diversity of the technologies used, the complexity of the codes and technical processes, have buried the data in very deep layers which are complex to update and to understand.
Obligations for companies
Concretely, under this new regulation, companies will have to be able to :
- respect the rights of the individual : right to information, access, rectification and deletion rights
- protect personal data against any accidental or voluntary loss, theft or misuse
- build and maintain a « record of processing » describing one or several reasons for the processing, the personal data used, the rules followed regarding data retention, the possible transfers of data, the organizational and technical measures of protection, etc.
Focus on the GDPR repository
This repository consists of three levels of description :
- « Processing » describes, from a « business » standpoint, the various activities of the company concerned by the GDPR. These processings can be automated or manual or both. The various informations are recorded by means of a specialized software providing a simple and friendly interface. The software ensures the version management and integrates tools allowing you to specify and follow the tasks to be carried out in order to reach conformity.
- the « personal data maps » describe the locations of the personal data in the various databases of the company. The matching between the name of the technical data with the name indicated within the processing authorizes the connection of the processing with the technical reality.
- the « program maps » describe the automated processing which use personal data. These maps allow you to show the use of personal data by the processes, to verify those which modify them, read them… This information is very useful to make impact analysis, for example in the case of « privacy by redesign » or when establishing a PIA (Privacy Impact Assessment)
Founded in 2004, Rever is a spin-off of the database engineering lab of the University of Namur in Belgium. Dominique stresses out that :
We specialize in addressing enterprise data and information challenges. Our unique software solutions are the product of over 150 man-years of continued innovation and R&D, in such diverse sectors as Financial and Insurance sector, Public Sector, Automotive, Aerospace…
Rever offers a range of automated solutions for the detailed understanding of existing computer applications in Europe and the USA.
Holder of 6 CNIL labels, Actecil is a French company which accompanies private and public entities in their compliance process in relation to regulations governing the use of personal data (CIL, RGPD…).
Stephane Goethals : sgo [at] rever.eu
Tel : +32 2 740 43 50
|Rever |||Rue des Pères Blancs 4||t. +32 2 740 43 50|
|1040 Brussels, Belgium||e. info[at]rever.eu|
|www.rever.eu||TVA BE 0862.383.151|