AUSTIN, Texas--(BUSINESS WIRE)--IAPP Privacy. Security. Risk. 2018 – Booth 217 – BigID Inc., a leader in enterprise data protection and privacy, today introduced new consent governance capabilities to the BigID platform. The enhancements help organizations correlate consent logs from existing applications with data and people to provide a centralized view of consent without centralizing its collection.
Under the EU’s General Data Protection Regulation (GDPR), consent is one of the principal bases for lawful processing. The regulation requires organizations to obtain explicit consent from data subjects and provide clear language on what data they collect and how it is processed. Today’s consent is typically collected natively in web, mobile apps or through third party consent collection products. BigID helps companies bring diverse consent logs under one view without re-engineering applications or having to move data.
According to Gartner, “Consumer confusion and privacy-conscious consumers will likely create a great deal of difficulty for organizations needing to manage consents by constantly providing and withdrawing consent. As privacy regulations continue to change, consent management will creep to the top of the priority list.”1
With BigID’s new consent governance capabilities, organizations gain:
- Proactive compliance monitoring and policies, making it easier to identify applications not collecting consent and data subjects whose consent was violated;
- Consent expiry inspection, enabling the discovery of all records of data subjects with overdue consent;
- Data subject access requests, providing proof of consent and the comparison of consent to actual purposes of use; and
- Data mapping and records of processing activities (ROPA), to monitor consent collection by application and alert on discrepancies and initiate remediation workflow.
“In order to meet today’s evolving data privacy regulations, like GDPR and the California Consumer Privacy Act (CCPA), organizations need to be able to operationalize consent and integrate consent preferences with data processing and transfer decisions. Today’s consent management products, which essentially act as databases, cannot govern whether consent is honored by applications,” said Nimrod Vax, chief product officer of BigID. “BigID’s unique approach to consent governance enables organizations to correlate granular consent logs to individual identities and govern that the use of data complies with the consent provided, making consent a practical, proactive practice for data privacy protection.”
BigID will demonstrate its product at booth 217 at IAPP Privacy. Security. Risk. 2018, October 18-19, 2018. To learn more about BigID or to schedule a product demo outside of the conference, go to http://bigid.com/demo or contact BigID at firstname.lastname@example.org.
Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About BigID Inc.
Based in New York and Tel Aviv, BigID uses advanced machine learning and identity intelligence to help enterprises better protect their customer and employee data at petabyte scale. Using BigID, enterprises can better safeguard and assure the privacy of their most sensitive data, reducing breach risk and enabling compliance with emerging data protection regulations like the EU General Data Protection Regulation. Learn more at http://bigid.com or visit http://bigid.com/demo to schedule a demo.
1 Gartner, “Emerging Technology Analysis: Consent Management,” Deborah Kish, September 17, 2018 - NOTE: This document, while intended to inform our clients about the current data privacy and security challenges experienced by IT companies in the global marketplace, is in no way intended to provide legal advice or to endorse a specific course of action.