AUSTIN, Texas--(BUSINESS WIRE)--IAPP Privacy. Security. Risk. 2018 – Booth 217 – BigID Inc., a leader in enterprise data protection and privacy, today introduced new consent governance capabilities to the BigID platform. The enhancements help organizations correlate consent logs from existing applications with data and people to provide a centralized view of consent without centralizing its collection.
Under the EU’s General Data Protection Regulation (GDPR), consent is one of the principal bases for lawful processing. The regulation requires organizations to obtain explicit consent from data subjects and provide clear language on what data they collect and how it is processed. Today’s consent is typically collected natively in web, mobile apps or through third party consent collection products. BigID helps companies bring diverse consent logs under one view without re-engineering applications or having to move data.
According to Gartner, “Consumer confusion and privacy-conscious consumers will likely create a great deal of difficulty for organizations needing to manage consents by constantly providing and withdrawing consent. As privacy regulations continue to change, consent management will creep to the top of the priority list.”1
With BigID’s new consent governance capabilities, organizations gain:
- Proactive compliance monitoring and policies, making it easier to identify applications not collecting consent and data subjects whose consent was violated;
- Consent expiry inspection, enabling the discovery of all records of data subjects with overdue consent;
- Data subject access requests, providing proof of consent and the comparison of consent to actual purposes of use; and
- Data mapping and records of processing activities (ROPA), to monitor consent collection by application and alert on discrepancies and initiate remediation workflow.
“In order to meet today’s evolving data privacy regulations, like GDPR and the California Consumer Privacy Act (CCPA), organizations need to be able to operationalize consent and integrate consent preferences with data processing and transfer decisions. Today’s consent management products, which essentially act as databases, cannot govern whether consent is honored by applications,” said Nimrod Vax, chief product officer of BigID. “BigID’s unique approach to consent governance enables organizations to correlate granular consent logs to individual identities and govern that the use of data complies with the consent provided, making consent a practical, proactive practice for data privacy protection.”
BigID will demonstrate its product at booth 217 at IAPP Privacy. Security. Risk. 2018, October 18-19, 2018. To learn more about BigID or to schedule a product demo outside of the conference, go to http://bigid.com/demo or contact BigID at info@bigid.com.
Disclaimer
Gartner does not endorse any vendor, product or
service depicted in our research publications, and does not advise
technology users to select only those vendors with the highest ratings
or other designation. Gartner research publications consist of the
opinions of Gartner's research organization and should not be construed
as statements of fact. Gartner disclaims all warranties, expressed or
implied, with respect to this research, including any warranties of
merchantability or fitness for a particular purpose.
About BigID Inc.
Based in New York and Tel Aviv, BigID uses
advanced machine learning and identity intelligence to help enterprises
better protect their customer and employee data at petabyte scale. Using
BigID, enterprises can better safeguard and assure the privacy of their
most sensitive data, reducing breach risk and enabling compliance with
emerging data protection regulations like the EU General Data Protection
Regulation. Learn more at http://bigid.com
or visit http://bigid.com/demo
to schedule a demo.
1 Gartner, “Emerging Technology Analysis: Consent Management,” Deborah Kish, September 17, 2018 - NOTE: This document, while intended to inform our clients about the current data privacy and security challenges experienced by IT companies in the global marketplace, is in no way intended to provide legal advice or to endorse a specific course of action.