The General Data Protection Regulation (GDPR) has raised the data protection bar for companies with data on citizens of the European Union (EU). On the contrary, dFakto believes that GDPR is an opportunity to improve data management and processing above all within the data subject, client, and partner relationships. With 17 years of data management experience, dFakto has designed an open, agile, and scalable GRC and GDPR governance and compliance solution that delivers proactive and reactive data management and introduces no additional risks, while undergoing the journey to GDPR compliance. "We allow our client to simply assess and drive resolution of any risks and actions across their entire portfolio while leveraging democratized (delegated) next-generation data governance (increase simplicity to increase involvement)," states Thibaut De Vylder, the CEO of dFakto.
In the process of attaining GDPR compliance, many businesses face unexpected GDPR-related workload to be achieved promptly after the initial GDPR Assessment. For instance, a Subject Access Request (SAR) to be answered in 30 days or data breaches requiring communication within 3 days. The lack of the right solution hampers the businesses' ability to stay organized and effectively reduce risks while also endangering the businesses to fines from data authorities.
Also, complaints from unsatisfied data subjects negatively impact an organization's productivity and brand reputation. To address these challenges, dFakto offers a data-driven management ecosystem and complete end-to-end products and services to minimize the customers' GDPR compliance issues while focusing on their competitive data advantages. One such solution is dFakto’s GDPR360 platform. It manages both complex risks and actions portfolios, providing one single view of all risks, associated actions, action owners, due date, and KPIs in a very simple, fast, and intuitive user interface that relieve human resources from compliance issues. Besides, GDPR360 leverages EU-promoted ‘pseudonymisation’ practices to eliminate the possibility of burden. The application also cross-checks any data source compliance, and triggers new actions in case of anomalies. Therefore, a huge amount of effort is saved and the efficiency of Data Protection Officers (DPOs) and action owners is enhanced.
“Having started as a data-driven management company dFakto is already far ahead in the game with regards to GDPR compared to its competitors,” quips De Vylder. GDPR being the first regulation of a series that emphasizes Data Governance for all organizations with European data subjects, dFakto is preparing for future regulations in the field and the need for flexible and scalable solutions considering the probable shortage of GDPR dedicated resources. dFakto focuses on keeping businesses innovative and proactive, instead of focusing only on GDPR. dFakto’s other solutions such as Transformation360 and Customer360 help organizations dynamically address respectively digital transformations and customer-centric needs. "Our GDPR solutions are made of a downsizing of our Governance range of piloting and analytics tools and therefore are 'Regulation Ready' for future ePrivacy and other frameworks such as ISO2700," remarks De Vylder.
Thanks to dFakto solution, Amnesty International Belgium, French section, is currently on the process of becoming compliant, and the first benefit is the increased level of the GDPR team's performance dealing with assessment deliverables being implemented in its GDPR360 application. It allows Amnesty's GDPR team to handle regular GDPR governance meetings saving a lot of resource effort. At any time, they can issue reports to demonstrate their GDPR related activities.
The company aims to build an end to end GDPR value chain to continue helping the client's journey to achieve GDPR compliance. dFakto is on the lookout for Value Added Resellers or representatives to increase their market coverage. "We may also soon announce a global partnership with a big firm that has selected our tools and methodologies to build their own GDPR Value Proposition," concludes De Vylder.