arrow_back
All Blog Posts
Newsletter
February 7, 2022

Concord Privacy News: 02/07/22

Concord serves as a Data Privacy Week Champion and dramatically expands upon their data systems functionality.

Concord Serves as Data Privacy Week Champion

In recognition of Data Privacy Week two weeks ago, Concord signed on as a Data Privacy Champion, marking its dedication to empowering individuals and encouraging businesses to respect privacy, safeguard data, and enable trust. Sponsored by the National Cybersecurity Alliance, the annual Data Privacy Week helps spread awareness about online privacy and educate citizens on how to manage their personal information and keep it secure. Data Privacy Week also encourages businesses to respect data and be more transparent about how they collect and use customer data.

Data Privacy Week is a good reminder for all people that everything we do online generates data, including data about our interests and activities, personal data, like credit card numbers, and health data. Concord encourages people to take steps to learn about the types of data you’re generating online, and how it’s collected, shared, and used.

For organizations, respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business. In addition to our full data privacy platform, Concord also provides audit and consulting services to help you plan and implement privacy-by-design practices that provide the right controls and protections for your users, enhancing the reputation of your brand, building loyalty, and decreasing abandonment. For more information, contact us at info@concord.tech.

Latest Concord Product Release Expands Data Systems Functionality

Data System Attributes

Concord’s new data systems functionality allows companies to easily add different data systems and attributes to their organization. This is important because most privacy regulations require companies to maintain a comprehensive inventory of all the data they have about individual users. With this new functionality, companies can easily add all the data systems they use to help with data mapping, compliance documentation, and the handling of data privacy requests.

Concord’s expanded data system attributes will also provide additional functionality related to data privacy reporting, audits, and assessments. This helps with all types of specific data privacy requirements and reporting, including:

  • Record of Processing Activities (ROPA): As part of GDPR compliance, organizations are required to create and maintain a Record of Processing Activities, which includes the purposes of processing personal data, the parties to whom they are disclosing the data, how long they will retain the data, and other details.
  • Privacy Impact Assessments (PIAs): When an organization develops new projects, strategies, or systems, a Privacy Impact Assessment is a tool to identify and manage any associated privacy risks. A PIA helps organizations ensure compliance with privacy regulation, identify and evaluate the risk of privacy breaches, and identify controls to mitigate that risk.

For a full list of the different data systems we support out of the box, please visit our integrations section. You can easily add a custom data system within our Admin UI as well, but please reach out to us to let us know if there are any additional data systems that you would like to see added to the platform.

Data System Tasks

Concord’s latest product release also simplifies workflows, making handling compliance requests even easier by automating the tasks needed for fulfillment. When a company receives a verified data privacy request (get a copy of my data, change my data, delete my data, or do not sell my data), Concord creates tasks for each applicable data system in a project. Any Concord user with edit rights can complete the data system specific tasks for a data privacy request, and when all tasks are completed, the request can be marked as resolved. Once resolved, an email is automatically generated and sent to the individual who made the request. If the individual requested to get a copy of their data, the email will include a message on how the user can access the copy of their data.

On the user side, individuals can now look at the Privacy Center and see a list of any compliance requests they have submitted, the date and time the request was made, and whether the request is pending verification, in process, or completed.