Waterford Technologies for Compliance
We are specialists in Unstructured Data (Email and File) Management, GDPR, Compliance, and Archive Software. We assist thousands of client organisations globally to proactively manage Unstructured Data to best practice compliance standards. We enable organisations to make Data decisions based on their facts – bringing Unstructured Data to light and enabling analysis, plans and immediate action on the findings.
We are focused on Unstructured Data, which makes up roughly 80% of all business Data. That is a huge tick in the GDPR readiness journey.
Introduction to GDPR
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years covering 99 specific articles. It will be enforced on the 25th of May, 2018. The penalty for major violations can be up to €20 million or 4% of your company’s annual global revenue – whichever is higher.
All EU based companies and companies that collect data of EU citizens, regardless of their location are impacted by GDPR.
We provide the complete Unstructured Data tool-set and service expertise at an attractive price, providing peace of mind that this aspect of GDPR is solved.
Our GDPR Solution
ComplyKey is our Compliance Suite which consists of SISCIN File Archiver (including a product extension SISCIN Search), MailMeter+, which combined solve your Unstructured Data and help you in your journey to becoming compliant with GDPR.
SISCIN File Archiver
SISCIN File Archiver is a seamless, transparent solution enabling secure migration of only your relevant data to its preferred destination.
- SISCIN enables visibility of server Data, driving insight for reporting and making key business decisions. The most relevant Data is clearly uncovered and important but lesser used documents are seamlessly retrievable from wherever you wish to store them.
- SISCIN ensures that wherever important but less-used Data is stored, it is secure, with bit-level encryption and a further option to split the “key store” into separate locations.
- SISCIN’S intelligent archiving empowers your Data Managers to oversee Unstructured File Data clearly.
- Immediately gain a clear view of file relevance.
- Identify redundant, obsolete and trivial Data.
- Make decisions on deletion or retention.
- Decide which relevant Data to keep on Tier 1 Storage.
- Move valuable but lesser-used Data to cheap disk archive, in whichever location you choose.
- Drive an economy of Data storage and slash storage related expense to a minimum.
SISCIN Search has searchable index capability of Unstructured File Data at its core, allowing unprecedented analysis of your Data to meet GDPR compliance standards. Clear customisable reporting dashboard give a complete overview of files, enabling immediate action to be taken.
SISCIN Search has a complex search component with full Audit Trail capabilities making it an essential tool for meeting GDPR and other regulatory requirements. Fully customisable and detailed reporting gives you full insight to your Unstructured Data, now and forever.
MailMeter+ is an email compliance and archiving client-less software solution which captures emails in real-time before compressing, de-duplicating, digitally stamping and encrypting to a secure archive location which is located on-premise or in the cloud. This allows your organisation gain full analytical insight, reporting, investigations and eDiscovery across your entire history of emails in minutes for export or review, safe in the knowledge that all of the information is stored securely with full audit trail to ensure it has not been tampered or altered.
Key GDPR Articles ComplyKey Covers
This regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system.
Any information relating to an identified or identifiable natural person … who can be identified, directly or indirectly … by reference to an identifier.
Article. 9 (1)
Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, bio-metric data for uniquely identifying a natural person, data concerning health or data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.
Article. 12, 15, 16, 17, 19
Right to DSAR, Erasure and Portability *Probably the biggest issue for any organisation, both the Data Protection Commissioner (DPC) & Information Commissioner’s Office (ICO) believe this has the potential to become the biggest drain on resources for organisations through sheer volume alone*
- ComplyKey provides specific KEY word searches within Email and File, subject line or attachment instantaneously across the entire File/Email archive with the ability to Tag for review by your Data Protection Officer (DPO) before export to the requester.
Data subjects have the right to data portability, meaning they can request the personal data they have supplied to a controller in “a structured, commonly used and machine readable format” in order to give it to another data controller. If technically feasible, the data subject can require the current controller to transmit it directly to the new data controller.
- ComplyKey provides the ability to transfer or export any DSAR searches to either the DPO, DSAR subject, Legal & HR departments or directly to a new employer.
Data protection by design and default. The GDPR requires that employers (and other data processors) should be “audit-ready” at all times, meaning that all employer’s systems will need to be set up to ensure compliance by design.
- ComplyKey is a data protection and compliance advanced interface by design. It provides the ability to monitor email and file archive content against specific KEY word lists, send automatic notifications for the DPO to review or audit.
‘the controller shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this regulation.’
- ComplyKey gives the controller the ability to demonstrate compliance with GDPR regulations in regard to their email archive, file data, PST’s and Backups.
“controllers shall maintain a record of processing activities under its responsibility”
- ComplyKey allows your organisation to not only demonstrate full GDPR searching on email archive but also provide digital signatures for proof that the emails are unaltered, with ‘stamping’ to prove that any flagged email has been reviewed by your DPO and a full audit trail of activities by ComplyKey against file data.
Article. 32 – (a)
The pseudonymisation and encryption of personal data; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- ComplyKey captures all emails in and out of your organisation in real time and stores in a compressed, digitally stamped and encrypted state. Any files identified as sensitive can be archived and encrypted for protection.
Data breach – 72 hour window to notify the relevant supervisory authority of the breach (Article 33). Article 33(3) specifies four requirements in such a notification: the nature of the personal data breach (including categories of data and approximate number of data subjects impacted), the name and contact details of the firm’s data protection officer, an analysis of the likely consequences of the breach, and measures taken or proposed to be taken to mitigate negative effects.
- ComplyKey puts powerful reports in the hands of managers and DPO’s rather than IT. This avoids wasting valuable technical resources for email and file investigations by giving managers the ability to quickly identify potential breaches before escalation.