Use LOG to protect your company data

We offer a solution that is a set of good practices for personal data management and company data protection. The LOG software supports the culture of safety in the organisation while at the same time helping to meet the requirements of the GDPR Regulation.

Module for personal data management

The GDPR Registries module requires the purchase of a license for LOG and Helpdesk software in the Standard version.

  • Risk management;
  • Risk analysis (DPIA);
  • Business Process Management (Processing Activity Register);
  • Authorisation register;
  • Processing contract register;
  • Data Collection Management (Data Collection Register);
  • Register of access to the filing systems;
  • IT system management;
  • Location management;
  • Document management;
  • Training management;
  • Application for granting access to processing activities;
  • Application for receiving/modifying access to processing activities;
  • Application for granting access to the data filing system;
  • Application for withdrawal/modification of access to the data filing system;
  • Application for employee training;
  • Registry of security incidents;
  • Security incident reporting form;
  • New data filing form;

Benefits of having the GDPR Registries module

SOLUTIONS

LOG is a tool that minimises the chances of violations, thanks to technical and organisational solutions.

EXTENSIONS

This module allows you to manage additional registers, as well as flows and request forms in the Helpdesk, e.g. the Personal Data Security Policy template.

SUPPORT

Advice from an experienced consultant (min. 5 years of experience), certified in areas related to security or IT service management.

KNOW HOW

We also offer access to the expertise and experience of information security experts in organisational and technical solutions.

Dataset registers

Simple possibility to manage all datasets gathered in the form of a registry in one central location. It defines the storage locations, persons with access to the files, dates of granting and receiving access, along with a full history of changes. Additionally, the system allows for recording all kinds of activities performed by ABI/ADO/IOD in the dataset registries.

Permissions management

Ready-made processes that enable granting and revoking employee rights to IT systems and/or personal data sets by means of acceptance requests.

Record-keeping of training courses

Includes ready-made processes for employee qualification for training together with registration. It also includes information on when and what kind of training the employee has received (e.g. personal data protection training).

Authorisation documents

Ready-made authorisation documents that can be accepted by employees in electronic form. The system also enables printing (including saving to PDF) of the permissions card document held by the employee, which contains instructions related to confidentiality.

Infringement reports

Every employee has the opportunity to report a breach of information security (security incident) together with a description of the details of the incident.

Notifications

The DPO, or other authorised person, receives notification of any personal data breach incident.

GPDR-related flows

The system has built-in workflows that can generate:

  • a request for granting permissions;
  • a request for revocation/change of permissions;
  • a report of an information security incident;
  • a data filing request;
  • a request for access to data;
  • a request for deletion of data;
  • training for the employee;
  • (create) an account for a new employee.

Control of unwanted programs

Configuration of the LOG mechanism, which detects unwanted computer programs in the company, which may cause a reduction in the level of security.

Control of access to external data carriers

Configuration of the LOG mechanism, which detects the connection of an unauthorised data carrier to a computer device in the company.

Blocking unauthorised processes and websites

Configuration of the LOG mechanism, which enables blocking unauthorised processes (programs) and websites on company computers.

Monitoring of operations on data files

Configuration of the LOG mechanism, registering each step of creating, deleting and copying files on a computer device in the company. Monitoring of users’ logins enabling supervision over users’ logins to computer devices.

Monitoring of anti-virus systems

Configuration of the LOG mechanism, which detects deficiencies in the installation of antivirus programs, automatically creating incidents of breach of security procedures.

Regulation

On 25 May 2018, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (general data protection regulation) became applicable.

New provisions

The new provisions on personal data protection are not only threats of penalties for violations and inspections by the Personal Data Protection Office. Above all, it means increasing citizens’ awareness of their rights and the protection of their privacy. Implementation of GDPR provisions in the company is not only a legal obligation, but also a culture of work that goes hand in hand with care for the customer and co-workers.

Processing Activity Registry

According to Article 30 of the GDPR, every organisation that processes personal data must have a registry of its processing activities. LOG fully complies with this obligation!

Record security incidents

Manage risk

Register access to datasets

Manage permissions

Manage processing record

Send/receive applications and authorisations

Manage training courses

Manage IT systems / locations / documents