The project is intended to provide a complete system solution for maintaining the essential documentation required under data protection law, particularly the Article 30 records of processing activities set out in both the EU and UK GDPR. The proposed project includes the work to overhaul our existing records and to produce a gap analysis for future changes to processes, documentation, systems, and system configuration. This solution will enable us to: • Comply with Article 30 requirements, keeping comprehensive records of data processing activities. • Create Data Flow Mapping and continually update/review the information which will enable us to understand our data lifecycle and reduce risks in data processing. • Use live Data Flow Mapping to track and/or export a specific process/data item, or assess the impact of intended changes. • Perform reviews of Data Processes. • Provide a GDPR compliant template for DPIA's, Privacy Notices and Data Sharing Agreements via a built in statement builder. Store the information with version control and support the periodic review of created agreements, utilising workflow automation. • Record and store data breaches and be able to run reports. • Streamline our internal processes, utilising workflow automation. • Record all DSAR's and rights requests and be able to manage each request end to end through the system. • Keep an audit trail of all communication. • Process sensitive data and store it securely. • Identify areas of weakness in our privacy transparency materials and policies. • Carry out vendor risk management assessments and store, review and manage the renewals via alerts.
CONTACT INFORMATION FOR THE CONTRACTOR
NAME, TELEPHONE NUMBER, EMAIL ADDRESS,
POSTAL ADDRESS AND WEB ADDRESS
information fed from tender feed information fed from tender feed information fed from tender feed