Making GDPR simple again with tools
By now, many people are thoroughly fed up with GDPR. They are not all correct in their interpretation, and may just have been bombared with negative articles about it, how it prevents people from doing business and how it makes work more difficult. None of that is true, but that's beside the point of this article. This is just about obtaining simple tooling that helps make the administration easy.
In this world, administration is an all encompassing concept. It applies just about everywhere. Physical events didn't happen if there is no record of it. This is at least the case in corporate law. Actions have to be registered so they can be reported. All of this work is repetitive and can be automated, saving you a lot of time for the 'real work. For GDPR, this can be taken care of by a tool like the "Data Subject & Security Request System" from Vuram. This has been developed using the Appian low coding platform, quick and easy.
It makes sense to use low coding platforms for this, because they allow creation of a dedicated solution for a small business area without having to go through tender process and selecting a new supplier with a new contract for a new budget. Many more laws exist for which specific solutions are needed. So making use of generic quick solution generating platforms helps to lower the cost of all these solutions.
Such platforms have been built with the latest developments in mind so they look good, work well when integrated with other solutions and are particularly effective in a web based environment.
An alternative to this is to bring the requirements back to the basics of good governance; taking care of problems and reporting on incidents is not new, nor is it something you should do only because a certain regulator requests this. This can be integrated in existing solutions, like a central incident management system and a central reporting system. Ideally, the regulators accept XML input or API (system to system) interfaces using XML or JSON. Then the information can be sent in a matter of seconds when it happens and no deadlines will ever be missed. These interfaces can also be generated withinn such low code platform because they already have libraries go generate them quickly.
The latter approach does require a holistic approach to your ICT architecture. Building new solutions all the time without considering the total cost to maintain all of these will at some point lead to impossibilities in fixing issues or upgrading solutions or it will just bring the entire card house down. This is where architectural tools come in, for example Orbus iServer.
This solution is also web based for the end users.The example above shows how an interactive map is displayed to the user, with the possibility to look at details of each of the displayed shapes in the information panel on the right. Architectural components like process flows and business rules can be exported in XML so that they can feed design of the respective solutions in solution building tools like Appian.
In case you run an enterprise that faces more and more incoming projects to keep up with legal requirements, market needs and competition, then it's time for a meeting about how the above solutions will help you make this challenge lighter and respond to each of those needs quicker.
Interesting approach Philip. I think you have hit the nail on the head with your drive to look for solutions that simplify the problem. GDPR has been underestimated by many businesses but at the same time, many consultants have jumped on the GDPR regulations to scare businesses into buying largely useless and certainly unwieldy software. Keep up the good work.