DDAM helps you to…
Satisfy the requirement for documenting data processing activity
The DDAM Data Inventory enables you to fulfil your organisation’s obligation to document your data processing activities in line with the GDPR.
Identify privacy risk within your data
The DDAM data mining capability enables you to automatically identify the incidence and volumes of personal and sensitive data located within your data – across both structured and unstructured data sources.
Manage data subject rights requests
The DDAM data subject rights management functions enable you to log and manage data subject rights requests received by your organisation. Automate the process of responding to Data Subject Access Rights (DSAR) requests, rights to erasure requests, right to rectification requests, etc. by running queries to identify matches for the data subject wherever they appear across your Data Inventory.
The GDPR Data Discovery And Management (DDAM) solution is designed to help organisations gain greater control of the disparate data assets that they have under management, in a way that helps achieve demonstrable ongoing compliance with the responsibilities for data protection that are encapsulated by the GDPR regulation.
Get an ‘at a glance’ view of your entire data landscape, combining structured, semi structured and unstructured information sources
Streamline compliance processes including risk identification and management, data minimization and data retention
System automation helps you maintain ongoing compliance post May 25th
A single, consolidated view of your data allows you to run queries and reports across your entire data estate enabling you to automate the processing of responding to DSARs
Dynamic Data Inventory
Use DDAM’s proprietary ‘indexing’ capability to create a consolidated version of all organisational data: structured (e.g. databases), semi-structured (e.g. emails) and unstructured (e.g. file systems). The scheduling functions ensure that the Data Inventory is periodically refreshed, ensuring that it remains synchronised with the underlying data as it changes and evolves.
Record Data Processing Activities
Tag data as it is loaded into the system with GDPR related metadata tags, including your processing role, the data location, the legal basis for processing etc. to build up a comprehensive record of your processing activity.
Automatically identify privacy risk with your data
Data discovery functions built into DDAM enable you to automatically identify the incidence and types of personal and sensitive data held within your data, allowing you to build a framework of effective and proportionate security controls.
Manage Data Retention
Specify a retention period for a data source, then automatically alert nominated users when the retention period is due to expire and action is required.
Continual Data Audit
Ongoing monitoring of the state of your data landscape with the automatic flagging of issues requiring attention, and analytics showing top data sources for risk, data sources by columns of personal and sensitive data etc.
Organisational Readiness Checklist
Walk through the GDPR legislation with the Organisational Readiness checklist, to help with the process of achieving compliance.
Log Data Subject Rights Requests
Use the Data Request Portal function to log data subject rights requests as they are received by the organisation.
Manage Data Subject Rights Requests
Keep track of the requests that you have received to ensure that they are dealt with in a timely way. Validate requests against the supporting identification documentation provided and either accept them for automated processing, or reject them with a recorded reason for rejection
Automatically Output Data Subject Rights Reports
When a request logged with the Data Request Portal is actioned DDAM automatically searches across all of the data sources within the Data Inventory and returns a report containing references to the records where the data subject is referenced.
The suite of management reports help you to assess response effectiveness and identify malicious requests which can be used to refuse processing.