SOLIXCloud Consumer Data Privacy is a suite of integrated solutions to help SOLIXCloud Common Data Platform (CDP) customers meet the growing requirements for consumer data protection. The "privacy by design" suite of solutions includes end-to-end encryption, metadata management, data profiling, data governance rules, sensitive data discovery, data masking, and data compliance to ensure all personally identifiable information (PII) is properly identified, classified, masked, and able to meet regulatory requirements including GDPR, CCPA, NYDFS, LGPD, PII, PHI and PCI.
Hipaa auditing in cloud computing enviromentParshant Tyagi
The rise of cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. With all the security and Privacy Laws in the Health Care field today anyone that works with confidential information should know how to protect that information. The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This Thesis elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics and how Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. The purpose of this Thesis is to explain the importance of HIPAA and research what it takes for Healthcare data to be HIPAA Compliant. Also, explaining what is expected of Healthcare industries if there is an audit and how does HIPAA Auditing play a big part in HIPAA compliance. The Cloud is a platform where all users not only store their data but also used the services and software provided by Cloud Service Provider (CSP). As we know the service provided by the cloud is very economical due to which the user pay only for what he used. This is a platform where data owner remotely store their data in the cloud to enjoy the high quality services and applications. The user can access the data, store the data and use the data. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. We first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact.
Personally Identifiable Information – FTC: Identity theft is the most common ...Jan Carroza
Retailers are liable for identity theft and can be subject to fines and criminal prosecution for breach. What consumer information is considered Personally Identifiable Information (PII)? What laws should retailers be aware of? What are the 6 General Mandates that affect every retailer? What can merchants do to secure their electronic payments systems and procedures?
Hipaa auditing in cloud computing enviromentParshant Tyagi
The rise of cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. With all the security and Privacy Laws in the Health Care field today anyone that works with confidential information should know how to protect that information. The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This Thesis elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics and how Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. The purpose of this Thesis is to explain the importance of HIPAA and research what it takes for Healthcare data to be HIPAA Compliant. Also, explaining what is expected of Healthcare industries if there is an audit and how does HIPAA Auditing play a big part in HIPAA compliance. The Cloud is a platform where all users not only store their data but also used the services and software provided by Cloud Service Provider (CSP). As we know the service provided by the cloud is very economical due to which the user pay only for what he used. This is a platform where data owner remotely store their data in the cloud to enjoy the high quality services and applications. The user can access the data, store the data and use the data. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. We first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact.
Personally Identifiable Information – FTC: Identity theft is the most common ...Jan Carroza
Retailers are liable for identity theft and can be subject to fines and criminal prosecution for breach. What consumer information is considered Personally Identifiable Information (PII)? What laws should retailers be aware of? What are the 6 General Mandates that affect every retailer? What can merchants do to secure their electronic payments systems and procedures?
In this work we highlighted some of the concepts of data privacy, techniques used in data privacy, and some techniques used in data privacy in the cloud plus some new research trends.
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
"Security, Privacy Data Protection and Perspectives to Counter Cybercrime" was presented at the CodeGate 2008 security conference in Seoul, Korea, April 2008.
http://www.codegate.org/
Internet of Things With Privacy in MindGosia Fraser
Short presentation on privacy and data protection issues related to rapid development of Internet of Things, prepared for Privacy Lab hosted by Mozilla London
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Rome 2018Codemotion
Internet changed everyday life, even security of people and companies. The IT industry is asked to respond to possible threats with reliable security solutions. The purpose of the talk is to analyze tools and techniques to produce software that is safe for users and compliant with the law. Real cases of distributed cloud architecture will be analyzed, by combining together programming techniques, network architectures and data structures to realize pseudonymised and zero knowledge data storage and software solutions.
Personally Identifiable Information ProtectionPECB
“If we’re going to be connected, then we need to be protected. As Americans, we shouldn’t have to forfeit our basic privacy when we go online to do our business. Each of us as individuals have a sphere of privacy around us that should not be breached, whether by our government, but also by commercial interests.” These words were spoken two weeks ago by the American president Barack Obama, who urged Congress to pass a series of cybersecurity and privacy laws that will protect even more the data privacy of customers and children in schools. Once again the data Privacy and Regulation topic became newspaper headlines.
DLP is of little help when you need to share information with external partners. Forcepoint DLP and Seclore Rights Management combination work together to automatically detect and protect documents with granular usage controls as they are downloaded, discovered, and shared.
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
BigID Data Sheet: LGPD Compliance AutomatedBigID Inc
LGPD Compliance Automated:
Brazil's Data Protection Law (Lei Geral de Proteção de Dados or LGPD) establishes both a new set of obligations for companies processing personal data or using the data to provide services in Brazil, as well as a comprehensive set of individual data rights that incorporate explicit consent for specific purposes of processing. At the same time, the law also expands the definition for what data should be protected, including categories of sensitive data that require stronger protection. BigID is the first product to apply identity intelligence and smart correlation to the new privacy protection challenges, enabling companies to prepare, operationalize and automate their path to LGPD compliance
In this work we highlighted some of the concepts of data privacy, techniques used in data privacy, and some techniques used in data privacy in the cloud plus some new research trends.
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
"Security, Privacy Data Protection and Perspectives to Counter Cybercrime" was presented at the CodeGate 2008 security conference in Seoul, Korea, April 2008.
http://www.codegate.org/
Internet of Things With Privacy in MindGosia Fraser
Short presentation on privacy and data protection issues related to rapid development of Internet of Things, prepared for Privacy Lab hosted by Mozilla London
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Rome 2018Codemotion
Internet changed everyday life, even security of people and companies. The IT industry is asked to respond to possible threats with reliable security solutions. The purpose of the talk is to analyze tools and techniques to produce software that is safe for users and compliant with the law. Real cases of distributed cloud architecture will be analyzed, by combining together programming techniques, network architectures and data structures to realize pseudonymised and zero knowledge data storage and software solutions.
Personally Identifiable Information ProtectionPECB
“If we’re going to be connected, then we need to be protected. As Americans, we shouldn’t have to forfeit our basic privacy when we go online to do our business. Each of us as individuals have a sphere of privacy around us that should not be breached, whether by our government, but also by commercial interests.” These words were spoken two weeks ago by the American president Barack Obama, who urged Congress to pass a series of cybersecurity and privacy laws that will protect even more the data privacy of customers and children in schools. Once again the data Privacy and Regulation topic became newspaper headlines.
DLP is of little help when you need to share information with external partners. Forcepoint DLP and Seclore Rights Management combination work together to automatically detect and protect documents with granular usage controls as they are downloaded, discovered, and shared.
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
BigID Data Sheet: LGPD Compliance AutomatedBigID Inc
LGPD Compliance Automated:
Brazil's Data Protection Law (Lei Geral de Proteção de Dados or LGPD) establishes both a new set of obligations for companies processing personal data or using the data to provide services in Brazil, as well as a comprehensive set of individual data rights that incorporate explicit consent for specific purposes of processing. At the same time, the law also expands the definition for what data should be protected, including categories of sensitive data that require stronger protection. BigID is the first product to apply identity intelligence and smart correlation to the new privacy protection challenges, enabling companies to prepare, operationalize and automate their path to LGPD compliance
Mastering Data Compliance in a Dynamic Business LandscapeDenodo
Watch full webinar here: https://buff.ly/48rpLQ3
Join us for an enlightening webinar, "Mastering Data Compliance in a Dynamic Business Landscape," presented by Denodo Technologies and W5 Consulting. This session is tailored for business leaders and decision-makers who are navigating the complexities of data compliance in an ever-evolving business environment.
This webinar will focus on why data compliance is crucial for your business. Discover how to turn compliance into a competitive advantage, enhancing operational efficiency and market trust. We'll also address the risks of non-compliance, including financial penalties and the loss of customer trust, and provide strategies to proactively overcome these challenges.
Key Takeaways:
- How can your business leverage data management practices to stay agile and compliant in a rapidly changing regulatory landscape?
- Keys to balancing data accessibility with security and privacy in today's data-driven environment.
- What are the common pitfalls in achieving compliance with regulations like GDPR, CCPA, and HIPAA, and how can your business avoid them?
We will go beyond the technical aspects and delve into how you can strategically position your organization in the realm of data management and compliance. Learn how to craft a data compliance strategy that aligns with your business goals, enhances operational efficiency, and builds stakeholder trust.
Today organization now has to protect the data from unauthorized access not only from external users but also from internal users as the criticality of the data may be high. Seclore's Data-Centric platform offers all one advanced data protection.
The General Data Protection Regulation (GDPR) went into effect on May 25, 2018, and this has immediate implications for handling data in your big data, machine learning, and analytics environments. Traditional architectural approaches will need to be adjusted to be compliant with several of the provisions. The good news is that Cloudera can help you!
How GDPR works : companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe
The objective of this workshop is to show existing Oracle Database (Enterprise
Edition, Exadata, Autonomous Database, EXACS, DBCS) customers how to
attach your Database to Data safe and gain valuable understanding of
potential risks. Using user Assessment, understand rights and entitlement of
users and review activity auditing which provides powerful insight to database
interaction. The workshop will finish with a full sensitive data discovery and
then how to anonymize date with sensitive data masking.
The workshop is delivered in an interactive way with Presentations and Hands on
Labs to ensure complete understanding.
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)ProductNation/iSPIRT
We believe that India is at a unique tipping point where only a fraction of its users have gone online, and a majority are yet to do so. Therefore, it is critical that we build the right set of protections and empowerments for these users as they enter the digital world.
It is equally important not to limit our thinking to simply “protection” of data. We must also question how we can “empower” individuals, who will be data rich before they are economically rich, with better access to their own healthcare data such that they can become more engaged participants and managers of their health care.
We welcome the proposed DISHA Act that seeks to Protect and Empower Individuals in regards to their electronic health data - we have provided our feedback on the DISHA Act and have also proposed technological approaches in this response
Data Privacy Compliance Navigating the Evolving Regulatory Landscape.pdfCIOWomenMagazine
In an increasingly digital world, where personal data has become a valuable commodity, data privacy compliance has emerged as a critical concern for organizations across industries.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
2. Overview
Consumer data privacy is experiencing a wave of concern
and coverage over the last few years as nation-states and
judicial entities continue to roll out new regulations to
protect the privacy rights of Internet users. Numerous
regulations are now in place across different geographies
including the General Data Protection Regulation (GDPR) in
the EU, California Consumer Privacy Act (CCPA), Virginia’s
Consumer Data Privacy Act (CDPA), New York’s Department
of Financial Services Cybersecurity Regulation (NYDFS),
Brazil’s Lei Geral de Proteção de Dados Pessoais and
others.
2
3. 1. Right to be Forgotten
Businesses that manage PII must respond to consumer requests
to remove unfavorable information. This seemingly
straightforward requirement is in fact not straightforward at all, as
organizations must first be able to find the data requested within
silos of enterprise data or even hidden as orphaned objects
within database tables. Through Sensitive Data Discovery,
SOLIXCloud Consumer Data Privacy scans and locates any
and all requested data instances to be deleted.
3
4. 2. Right to Object
The right to object empowers consumers to stop or prevent
processing of their personal data at any time. SOLIXCloud Sensitive
Data Discovery enables controllers and processors of consumer data
to search multi-cloud landscapes for all instances of the data so it
may be removed from processing. Subject Rights Requests (SRR)
forms can be submitted as part of the Data Compliance module to
obtain reports on all data associated with the consumer.
4
5. 3. Right to Rectification
A consumer’s rights over their data includes the right to have
inaccurate personal data rectified, or completed if it is incomplete.
SolixCloud Sensitive Data Discovery locates all instances of the
requested data and stages the request for edit by data admins. A
comprehensive search and discovery capability is once again an
essential capability for data processors, but since the rectification
process also requires that data be updated, processors require role
based access control to limit privileged access to sensitive personal
information.
5
6. 4. Right not to be profiled
Personal data about individuals is collected from a variety of sources and
may be analyzed to classify people into different groups or categories
using algorithms such as machine learning. SOLIXCloud Common Data
Platform (CDP) provides robust metadata management, data lineage,
data catalogue, business glossary and data profiling features that enable
you to explore and understand your data better, so you may be equipped
to target and promote your products successfully without infringing on
consumer rights.
6
7. 5. Right of Access
Subject access gives individuals the right to obtain a copy of their
personal data from you, as well as other supplementary information. Solix
Data Compliance enables Subject Rights Requests (SRR) forms to be
submitted to obtain the personal data. Solix Metadata Management
provides a centralized approach to not only locate specific data objects,
but to identify related objects as well.
7
8. 6. Right to Data Portability
The right to data portability involves individuals being able to obtain and
reuse their own personal data for their own purposes. This obligation
necessitates that processors be able to move, copy or transfer personal
data easily from one IT environment to another in a safe and secure way
without affecting its usability. Solix Data Compliance & Solix Search
enable Subject Rights Request forms and data query results to be
exported in a PDF format. Audit reports including logs of all personal data
activities are also available.
8
9. 7. Right to Data Minimization
Metadata management and data catalogs help administrators explore
their data landscape to confirm the scope of data to be processed and
Information Lifecycle Management (ILM) provides data retention policies
to ensure that the data is purged (deleted) once it is no longer needed.
Solix Data Masking obfuscates data not relevant to a specific purpose,
and Solix Data Governance deploys data retention policies that ensure
erasure after a specific purpose is met. SOLIXCloud Enterprise Archiving
moves personally identifiable information through ‘legal hold’ or other
regulatory purposes into a centralized nearline archive repository.
9
10. 8. Right to be Informed
When organizations collect personal data directly from the individual, they
are able to inform the individual directly regarding the collection and use
of their personal data. When organizations collect data from third-party
sources, they still need to take the ownership to inform individuals when
the data is collected. Informing the individual can be done through
layering, dashboards and just-in-time notices (emails / smart devices), no
later than one month from when the data is collected. Solix Data
Compliance provides management tools to inform data subjects how
their information is used with preference controls to manage what data
they allow the organization to process.
10
11. The Solution - SOLIXCloud
Consumer Data Privacy
Data privacy by design is an architected approach to cloud data
management that ensures all data privacy regulations globally are met
instead of requiring different solutions for different geographies and
jurisdictions.
SOLIXCloud Consumer Data Privacy is a suite of three powerful tools
that complement the W3C open standards based security, SOLIXCloud
Common Data Platform (CDP) and the Eight Principles of Consumer
Data Privacy.
SOLIXCloud data management solutions support the eight principles of
consumer data privacy. Through privacy by design, W3C industry
standard architecture and the SOLIXCloud Consumer Data privacy
solution suite, controllers and data processors are better able to
achieve regulatory compliance.
11