GDPR Privacy Policy Regulation and Its Support in ATTIS SW

The GDPR Regulation introduces a number of new obligations into existing privacy policy systems and significantly tightens its governance and security rules. GDPR is primarily about properly set up and functioning processes, on an organisation’s risk management capabilities, and therefore, the privacy policy system is an integral part of the entire Integrated Performance Management System, which ATTIS SW specifically supports.

ATTIS SW has been recently expanded beyond the standard functionality for process and risk management with additional “GDPR functions” to help organisations meet GDPR regulation requirements both before and during personal data processing.

From the GDPR perspective ATTIS SW allows:

  • defining PROCESSES that organisations must ensure and determine a worker’s competencies and responsibilities
  • maintaining a PERSONAL DATA PROCESSING REGISTER with the required information:
    • personal data category
    • personal data subjects category
    • legal grounds for personal data processing
    • personal data processors and third parties
    • purpose of processing
    • technical and organisational measures
    • storage time
    • scheduled deletion time
    • automatic processing
  • identifying and recording WHO, WHERE and with WHAT personal information works
  • keeping a RISK REGISTER related to personal data processing and conduct their ANALYSIS
  • to generate reports:
    • Information for the data subject regarding their personal data processing
    • Assessment of the impact on the personal data protection