Special categories of data (Article 9)
Do you know where all of your sensitive data is across all of the data sources that you control?
Ohalo helps identify special categories of data such as race, gender, religion, and more so that you can be sure to remove the data under GDPR. The Data X-Ray establishes a baseline of where sensitive data is on your systems in one click. Find sensitive data immediately on cloud services that you use Easily report on this to regulators, clients, and auditors Integrates easily with the Data Protection Router
Right to access (Articles 13-15)
Can you provide access to all of a data subject’s data upon request?
You may hold PII data about customers in multiple databases and at multiple cloud services. This makes time-bound data access requests difficult to fulfill. With the Data Protection Router you know where your data is and can show that data upon request. Queries to multiple datasources simultaneously Easy to install Map data lineage of PII across multiple databases
Right to rectification (Article 16)
Can you update all of the data about a data subject when they ask?
As with erasure requirements, rectification upon Data Subject request is very difficult even with a small company managing dozens of datasources. For large companies it is even harder. The Data Protection Router allows you to easily request data to be updated wherever data is stored. Find where data is stored Request data to be rectified through the Ohalo app or API Prove it through a blockchain-backed immutable proof
Right to be forgotten (Article 17)
Can you erase data across all of your systems and at third parties with assurance?
After establishing a baseline of what PII data is where, you can trace where that data has gone with Ohalo's GDPR data lineage tool, the Data Protection Router and request various databases and cloud file storage services to delete that data on your behalf. Hold data no longer or shorter than you should Simultaneous erasure across multiple databases Prove that you have erased data at a certain point in time
Transferring data to third countries (Article 47)
Can you consistently apply the same corporate rules across multiple entities and ensure that those rules are being applied?
Modern businesses rely on sending data across borders. Unfortunately this got much more difficult with GDPR. Ohalo's Data Protection Router allows you to deploy access controls in a consistent manner and keep track of how data is flowing across different legal entities and third parties, even if they are in different jurisdictions. Smart contract enforced identities linked to legal entities to ensure that you are interacting with the right data source under the right conditions Automatically maintained log of when data was accessed and by who output through a UI or to your own business information (BI) systems Secure from data request to data fulfillment