General Data Protection Regulation - from Zero to Compliance

Are You able to Demonstrate Compliance with GDPR?
Use Dragon1 for GDPR Assessment and Compliance Reporting

General Data Protection Regulation is a new EU regulation. It is aimed at unifying the way personal data is protected, imported and exported.

Companies have to be able to show how they treat and protect personal data of customers or members, especially sensitive data, in business processes and software applications.

Sensitive personal data are data like social security number, birthday, religion and union membership. These data must be protected in your databases at all times. For instance to prevent identity theft and other abuse of data.

Using Dragon1 for GDPR

Dragon1 is a platform for creating and generating visualizations and reports on how you as organization treat, protect and make use of personal data in business processes and software applications.

Part of Dragon1 is a modeling language for business processes and information systems. The Dragon1 modeling language is fit for purpose to model and analyze all data in your organization compliant to GDPR. It contains all kinds of entity classes and the ability to model where what data is treated and protected in processes and applications. This enables you to visually check all of your processes and application for compliancy on GDRP business rules:

  • Model and analyze your processes on Dragon1 - And see how they treat and protect sensitive customer data.
  • Model and analyze your applications on Dragon1 - And see how they treat and protect sensitive customer data.

Process Framework for GDPR

Below is a process framework that guides you as organization to become GDPR compliant.

It defines four areas of attention that should be addressed in order to successfully comply at one point in time to GDPR:

  • Quick Check
  • Conceptual Design
  • Implementation
  • Program Management

Dragon1 supports teams in their collaboration to perform this work:

General Data Protection Regulation (GDPR)

GDPR Assessments and Overviews

Dragon1 supports generating overviews for GDPR. With this you can easily assess your current state situation, you can report progress and you can improve the compliance in your organization.

Using Dragon1 you will be able to either demonstrate your compliance or report progress on becoming more compliant.

GDPR Process Landscape Example

Below is an example of a GDRP Process landscape. The landscape shows processes and per process the ownership attribute is highlighted and the value of the attribute is shown. The color red shows where in this case ownership is missing for a process.

In this way you can quickly assess your own current situation with regards to GDRP legislation.

Click on the visualization to go to the Content Viewer. Next, click on a process and then on an attribute (in the list at the left bottom of the menubar) and view a live example of a GDPR report.

GDPR Reporting Example

Below is an example of a detailed GDPR excel report on compliancy of rules.

Based on this report you can project the current state and its progress on your process landscape and your application landscape.

Completeness of Reports

An General Data Protection Regulation (GDPR) overview, to be effective, should provide at least the following:

  • A common vocabulary
  • A list of business rules used
  • A set of systems and databases
  • Data objects and their sources
  • Process owners and data owners
  • Breaches of GDPR rules
  • Actions and measures to solve the breaches

By creating and generating GDPR landscapes and overviews on Dragon1, you are ensured that your reports will be complete.

Read Also

You may also be interested to read about this:

Got Interested?

Are you interested in using Dragon1 for GDPR at your company?

Please contact us via info@dragon1.com or call +31 317 411 341 (during business working hours in The Netherlands).

We are happy to discuss your needs and arrange a demo, proof of concept or pilot. With this you will get acquainted with and become confident in using Dragon1 for GDPR.