UtopiaR is theGDPR data protection impact assessment solution online.It’s designed to guide you to full GDPR compliancy. Now that GDPR has taken effect, it means privacy and consent rules have tightened. For local governments, dealing with sensitive personal information is a given, and it’s key that local councils respect the new data protection laws.
GDPR for local authorities gives the power back to residents and other individuals whose data is being stored. Local authorities must ensure that they’re protecting your data and therefore offer you complete transparency and control of your private data.
Gain confidence and trust with our efficient and instinctive assessment tool.
Better management of comprehensive Data Protection Impact Assessments (Art.35).
Ensure that your local council meets GDPR’s requirements for Privacy by Design and Default (Art.25), simultaneously identifying other potential non-compliant areas.
Cost effective, cloud-based solution, suited for users of all levels of competency.
Subjects Rights Requests – How will you manage them?
The EU General Data Protection Regulation (GDPR) came into effect on 25th May, 2018. It means there are stricter controls over the management and processing of all EU citizens’ personal data.
Every EU citizen will have more rights to their data: to be informed, have access, permission to rectify, restrict its processing and even object to data being used. With these new rights, you as a local authority will need to be able to present that you have responded to a citizen within a month and fulfil their request.
Our UtopiaR solution goes beyond traditional thinking to highlight and report issues and observations of your processes. UtopiaR offers valuable protection for its customers and provides you with a turnkey solution to track and log all requests and ensure they’re fulfilled on time.
We’ve made it possible for you to embed our rights request form in your own website – it only takes minutes to do. It will give your customers and clients a simple route to logging these requests efficiently with you.
UtopiaR is the solution for creating and managing your compliancy. You will receive accurate Privacy Impact Assessments, providing:
Data processing activity, and how personal data is being processed.
The categories of personal data being processed, and which personnel and/or IT systems have access to it.
Where the personal data is to be processed or stored.
Details of any third parties who may be involved in its processing.
Testing appropriate data protection training and awareness has been completed.
Detailed data flows of how all personal data moves through the various stages of storage and distribution.
Assessment against data protection legislation. This covers how the consent from the data subject has been obtained and how data breaches are to be identified and reported.
Article 25 of the EU GDPR requires “data protection by design and default”.
This approach is not new and is best evidenced by the completion of a Data Protection Impact Assessment. Which under Article 35 of GDPR is required for all data processing activities which are “likely to result in a high risk to the rights and freedoms of natural persons”.
The conducting of effective Data Protection Impact Assessments (also known as Privacy Impact Assessments) are at the heart of “Privacy by Design and Default”. Lucky for you, UtopiaR has addressed the distinct roles required for the process.
Understand and implement privacy controls in all your data processes.
Identify and escalate data protection and privacy issues that may be identified.
Reduce exposure, associated costs and legislative penalties from data protection and privacy risks.
Produce comprehensive Data Protection Impact Assessments regularly. This can be provided to the Supervisory Authority upon request.
Provide options for sharing transparency on how all personal data in your local authority is being processed with data subjects. It can build confidence and trust.
Support existing information security best practice for those who undertake risk management activities. This can coincide with ISO27001 information security certification.