Question

"DSGVO/GDPR-Verarbeitungsverzeichnis" in LeanIX

  • 18 July 2023
  • 6 replies
  • 248 views
R

Hi,

I was wondering, if any of you has thought about modeling your company’s “DSGVO-Verarbeitungsverzeichnis” in LeanIX. One possibility might be a dedicated fact sheet with relationships to an application and several data objects.

looking forward to your feedback

Robert

6 replies

HendrikWern

Hi Robert, 
yes, we are currently doing that - although not with a dedicated factsheet but with a set of attributes on the application factsheet. I have to admit, that we are mainly a B2B company and do not face a huge amount of GDPR related inquiries, nevertheless we found a pragmatic way to support our data privacy and HR colleagues in creating the necessary lists and overviews.
Feel free to reach out to me, if you like to discuss this further.
Best regards,
Hendrik

Thomas Schreiner
Userlevel 6
Badge +2

Hi @Robert Geisler, we had this topic in the last LeanIX customer community meeting when we discussed several ways how to integrate your RoPA / Record of Processing Activities / Verfahrensverzeichnis with LeanIX. Also, there was a presentation by McKesson at the LeanIX conference in 2017, as well as a decidated LeanIX Customer Community presentation by Endress+Hauser in 2018.

If you like, I can send you the material, and also add you to the invitation list for the upcoming Customer Community presentations. Feel free to get in touch via direct message.

Carsten
Userlevel 4
Badge

Hi @Robert Geisler ,

in collaboration with our Lawer we developed a custom Factsheet:
 

We defined the subscription roles Data Manger (accountable), Data Protection Officer (responsible) and European Data Protection Officer (responsible). We found that’s too complex to the End users to assign Processes or Data Objects. They just create it as a Process/UseCase and link it to an Application they fulfil this UseCase. On Application side we have Data Objects linked and can so identify the concrete Data Object(s) related. Perhaps this approach may inspire you.
Best regards,

Carsten

Carsten Schubert
heng
Userlevel 3
Badge +1

Hi

 

Yes we are doing it too, and modelled it with a new fact sheet type. On the Compliance Fact Sheet type we are modelling the datasubject and the datacategory as parent - child relationship:

For example:

 

Internal Employee / sensitive Data

Internal Employee / base Data

Internal Employee / webdata 

 

etc..

 

Regards

 

Hendrik

A

Hi

 

Yes we are doing it too, and modelled it with a new fact sheet type. On the Compliance Fact Sheet type we are modelling the datasubject and the datacategory as parent - child relationship:

For example:

 

Internal Employee / sensitive Data

Internal Employee / base Data

Internal Employee / webdata 

 

etc..

 

Regards

 

Hendrik

Hi Hendrik,

 

can you please give us an overview or a Screenshot what Attributes you have on your Compliance Fact Sheet?

 

Kind Regards

Alexander

heng
Userlevel 3
Badge +1

Hi @Alexander 

Currently we are not modelling any attributes on the Compliance Fact Sheet Type. Our Compliance Teams is currently working on some attributes. Currently the focus is to identify the subjects and the categories of the personal Data and then go on from there

Reply


Terms & ConditionsCookie settings
/* */