MANAGE PRIVACY. DEMONSTRATE COMPLIANCE.
DPOhq – Enterprise Privacy Management
DPOhq enables organisations to implement the processes and controls required to demonstrate and manage ongoing GDPR compliance.
DPOhq is effectively the DPO’s control centre, a single interface through which all privacy matters can be managed.
Explore DPOhq features below:
GDPR Compliance Audit
DPOhq enables the DPO assess their organisational compliance readiness and demonstrate accountability.
DPOhq enables privacy professionals to prepare for GDPR compliance with a comprehensive questionnaire based GDPR readiness audit with automated recommendations. Audit findings can easily and quickly trigger mitigation or remediation actions which can be assigned to the relevant personnel and tracked to completion.
Use the DPIA screening assessment tool prior to implementing new technologies, processes or projects. The results of your screening assessment will determine whether or not a full Data Protection Impact Assessment will need to be conducted. Should the system recommended it, complete the DPIA. Complete the assessment yourself or assign questions or sections to the relevant individuals or departments in your organisation. Use your DPIA findings to identify privacy risks. Analyse the risks to establish a risk score. Determine appropriate mitigation or remediation actions and assign them to the relevant individuals. Track actions to completion and maintain a full time/date stamped audit trail of all activity.
Data Processing Register
Under Article 30 of the General Data Protection Regulation (GDPR), organisations are required to maintain up-to-date internal records of their data processing activities. Organisations will be held accountable for compliance with record keeping requirements, with equal responsibility given to both data controllers and data processors.
Use DPOhq to analyse each data processing activity and ensure you can demonstrate that processing activities have a valid legal basis. DPOhq maintains a detailed inventory of all data processing activities and supports your Article 30 obligations.
Our Policy Management tool ensures what you say on paper translates into your operations. Quickly and easily disseminate policy and procedure documents to your workforce. Track and record reading and acknowledgments. DPOhq comes pre-loaded with a suite of template policies and procedures.
Data Processor Management
Maintain a log of all processors and sub-processors and ensure all regulatory requirements are captured in contracts and data processing agreements. Automated notifications and alerts ensure data processing agreements are in place for each data processor or sub-processor. Link processors to processing activities.
Identify, Assess, Mitigate, Monitor. Take a risk based approach to operationalising GDPR with our risk management tool and risk register.
Identify privacy risks. Analyse the risks to establish a risk score. Determine appropriate mitigation or remediation actions and assign them to the relevant individuals. Track actions to completion and maintain a full time/date stamped audit trail of all activity.
Manage and track both document and classroom training events using our training feature. Initiate either document training events or scheduled classroom training sessions. Monitor and record receipt, reading and acknowledgment of policies, procedures and handbooks etc. Training events can be triggered by an incident or breach.
Log and investigate all data breaches and incidents. Assign and track mitigation and remediation actions. Link incidents and breaches to relevant policies and procedures and trigger training events where required.
Subject Access Request Log
Log and track all data subject access requests using our subject access request tool. Generate actions and assign them to the relevant individuals or departments.