The world of privacy is changing quickly and so is your organization's technology stack. Fidesops can help you become compliant with data privacy regulation, as well as help to manage ongoing privacy operations for your company.
Privacy Request Management
Under various data privacy laws, like the General Data Protection Regulations (GDPR), California Consumer Protection Act (CCPA), or Brazil's LGPD, consumers have the right to request for you to delete or return their personal data to them within a desginated timeframe. Your organization is likely already receiving "Privacy Requests", which are also known as:
- Data Subject Requests (DSR)
- Data Subject Access Request (DSAR)
- Right to be forgotten (RTBF)
- Request to Delete
- Right to Access
- Request to Know
- Request to Opt-In or Opt-Out
It's possible you may not know what these are until you're expected to fulfill a request like this. However, your customer support team and your legal and privacy team are probably very familiar with these requests because they typically come in through support channels via email. Generally, the team responsible for fulfilling these requests is a combination of product engineering, marketing, legal, and sales because your organization has customer data stored in so many locations.
Fidesops helps to automate the execution of these privacy requests by 1) accepting and responding to privacy requests from an application of your choosing or fidesops' provided Privacy Center, 2) connecting directly to your datasets, and 3) retrieving, updating, and/or deleting data in those datasets.
Because fidesops connects directly to your datasets, it is easy to maintain a record of where you're storing personally identifiable data and other potentially sensitive data types. Keeping this updated data inventory helps reduce risk for your organization by making it simple to provide a full auditable report of your data ecosystem.
Targeted or Bulk Data Anonymization
As machine learning models require more and more data, your organization may decide to remove certain sensitive data from a dataset to be used for analytics purposes. Fidesops allows you to create a custom policy to anonymize data for any use. For example, you can pseudonymize just the email address field with a consistent hash both within a database or between different databases using deterministic pseudonymization; this way, the email address will have the same hashed value across datasets, which will maintain referential integrity for your analytics reports and dashboards.