ProService Finteco, the provider of the PrivacyRun solution, and SylLab Systems, which specializes in embedded compliance for enterprise data security, have signed a partnership agreement. The new partnership will allow both companies to offer Data Governance, Consumer rights handling, DSAR, Privacy Protection, and CCPA and GDPR compliance to clients within the US and the EU. PrivacyRun and SylLab also extend the solution's privacy compliance coverage to the HIPAA Privacy Rule.

 

SylLab Systems and ProService Finteco

 

ProService Finteco is a market leader in providing technology services and solutions to mutual and pension funds, insurance companies, and banks. The company serves over 200 institutional clients and provides them with Transfer Agent, Asset Valuation, Corporate Accounting, Managed Services, and IT Solutions. ProService Finteco is headquartered in Poland and operates in Luxembourg, the UK, Ireland, the Czech Republic, Germany, and Austria. The company has successfully implemented a solution that supports regulated-market companies in protecting privacy and complying with the GDPR; it also offers PrivacyRun, a solution that automates compliance with privacy regulations for the US and EU markets.

 

SylLab Systems provides embedded compliance for enterprise data security. Based in Manassas, VA, it was founded by cryptography and privacy enthusiasts and provides data-level encryption, post-quantum security, and compliance services.

 

SylLab Systems, Inc. is venture-backed by the Center for Innovative Technology (VIPC), VentureScope, Marl5G, and Mach37. SylLab is the Ignite Grant Winner awarded as a high-growth company with deep technology roots. Compliance and cybersecurity are areas where SylLab thrives and helps our clients.

A Data Protection Impact Assessment (DPIA), i.e. the assessment of the risk associated with the processing of personal data, should be a process designed to record personal data processing instances, assess the necessity of processing, and help manage the risks to the rights and freedoms of individuals that arise from the processing of their personal data. In other words, DPIA is the process of building and demonstrating compliance with privacy rules.

 

DPIA reports are important accountability tools as they help data controllers not only be compliant with the GDPR requirements, but also prove that appropriate measures have been taken to ensure compliance.

 

In other words, DPIA is the process of building and demonstrating GDPR compliance, but it can also be used to assess the risk of processing personal data in other regulatory domains (CCPA in California, PIPEDA in Canada, etc.). Organizations in any regulatory domain should implement a risk assessment process to control and mitigate the risk related to the processing of personal data.

 

The PrivacyRun system supports the DPIA risk assessment of personal data processing, in accordance with both the simplified and the full process. In the simplified mode, the system will perform the majority of the tasks automatically. When choosing the expert method, a comprehensive set of questions and surveys will help the DPO perform the impact assessment.

PrivacyRun DPIA helps DPO:

To assess the level of risk, you must consider both the likelihood and the severity of any impact on individuals. The system supports risk assessment in seven main stages of the DPIA process:

 

  1. General information;
  2. Involved sites;
  3. Reliability and transparency;
  4. Rights management of individuals;
  5. Purpose limitation;
  6. Proportionality, data minimization and storage limitation;
  7. Information Safety.

High risk could result from either a high probability of some harm, or a lower possibility of serious harm. You should consult your DPO and, where appropriate, individuals and relevant experts. If you identify a high risk that you cannot mitigate, you must consult the DPO before starting the processing.

 

Personal data changes. Customers move and change their names, contact points, phones and email addresses. How can you handle all of this disparate information? The answer is to build Master Customer Data Management (MDM) and a Golden Record in the PrivacyRun solution. A Golden Record is the single source of truth about the customers in your businesses, which you can see in the Single Customer View.

Parameterization of the deduplication engine

The “truth” is understood to mean the reference to which data users can turn when they want to ensure that they have the correct version of a piece of information. The Golden Record encompasses all the data in every system of record within a particular organization. 

One of the most difficult parts of an MDM solution implementation is the parameterization of the deduplication engine and the Gold Record creation process. Consider all data sources, which fields are more reliable from which data sources, and which criteria allow a field from one system, rather than another, to fill in an MDM field.

A Golden Record is the single source of truth

The functionality of the System enables the presentation of all collected data about the client, including the client’s personal data, current contact details, a list of products with an indication of the source system, and a list of consents to the processing of personal data in accordance with the requirements of the GDPR and CCPA.

The deduplication engine creates the Gold Record by automatically identifying matching records and merging them; the Gold Record keeps a reference to the source records from which it was created. The engine performs phonetic comparison, taking European languages into account, using advanced text comparison algorithms.
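The parameterization question above (which source is more reliable for which field) can be made concrete with a small survivorship sketch. This is an added example, not PrivacyRun code: the source names, fields and priority table are assumptions, and exact matching on a diacritic-folded name plus date of birth stands in for the phonetic comparison the engine is said to perform.

```python
import unicodedata
from collections import defaultdict

# Constructed sample records from three hypothetical source systems.
RECORDS = [
    {"id": "crm-17", "source": "crm", "name": "Zoë Müller", "dob": "1984-03-02",
     "email": "zoe.m@example.com", "phone": None},
    {"id": "bill-4", "source": "billing", "name": "Zoe Muller", "dob": "1984-03-02",
     "email": "old@example.com", "phone": "+49 30 1234567"},
    {"id": "web-9", "source": "web", "name": "ZOE  MULLER", "dob": "1984-03-02",
     "email": None, "phone": "+49 30 7654321"},
    {"id": "crm-21", "source": "crm", "name": "Jan Kowalski", "dob": "1990-11-30",
     "email": "jan@example.com", "phone": None},
]

# Assumed parameterization: per field, sources ordered most reliable first.
FIELD_PRIORITY = {
    "name": ["billing", "crm", "web"],
    "email": ["crm", "web", "billing"],
    "phone": ["billing", "web", "crm"],
}

def match_key(rec):
    """Fold diacritics, case and spacing in the name; pair it with date of birth."""
    folded = unicodedata.normalize("NFKD", rec["name"])
    plain = "".join(c for c in folded if not unicodedata.combining(c))
    return (" ".join(plain.lower().split()), rec["dob"])

def build_golden_records(records, priority=FIELD_PRIORITY):
    """Group duplicates, then pick each field from the most reliable source."""
    groups = defaultdict(list)
    for rec in records:
        groups[match_key(rec)].append(rec)
    golden = []
    for (_, dob), members in groups.items():
        merged = {"dob": dob, "sources": sorted(r["id"] for r in members),
                  "lineage": {}}
        for field, order in priority.items():
            # Survivorship: first non-empty value in source-priority order wins.
            ranked = sorted(members, key=lambda r: order.index(r["source"]))
            winner = next((r for r in ranked if r.get(field)), None)
            merged[field] = winner[field] if winner else None
            merged["lineage"][field] = winner["id"] if winner else None
        golden.append(merged)
    return golden

if __name__ == "__main__":
    for record in build_golden_records(RECORDS):
        print(record)
```

The `sources` and `lineage` entries keep the reference back to the contributing source records, which is what lets a DSAR or erasure request be traced to every system that holds the person's data.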
