Two companies announce GDPR solutions for managers

The upcoming enforcement of the General Data Protection Regulation (GDPR) is creating technology requirements, both for the management of data and for acquiring user consent.

Two companies have recently announced solutions for the management part: M-Files Corporation and SAS.

Based in Finland, M-Files is an information management firm with offices in Dallas and elsewhere. It’s offering a new GDPR packaged entry-level solution as a series of survey, management and assessment templates. It incorporates suggested best practices for managing policies, processes, audits, contracts, risk assessment, plans and privacy statements. The solution can run in the cloud or be installed locally.

The client company can use the templates to see, share and categorize its GDPR-relevant information for its own assessment or planning. The client company can also use M-Files’ regular information management software to search or query its customer data for, say, which records have confidential information, or to deliver records to any requesting European Union customer.

A screenshot of the M-Files user interface

Previously, Vice President of Product Management Mika Javanainen told me, his company had been offering consulting services to companies that wanted to identify GDPR challenges, after which it might bundle some of its existing point solutions or build a custom one. This work led to the development of the new tool.

Currently, M-Files said, its GDPR solution is being used by pilot customers in Europe.

Like M-Files, SAS’s GDPR product is for managers, and it doesn’t provide the kind of user consent screens that, say, Janrain’s Consent Lifecycle Management and Evidon’s Universal Consent Platform are offering.

SAS GDPR has been selling in Europe for much of the last year, but it is only being formally announced this week.

It is offered as a governance layer on top of the regular data management platform from this Cary, North Carolina-based firm. If a client company doesn’t have that platform, it will need to acquire its basic components for the GDPR layer to work.

Todd Wright, the company’s Senior Product Marketing Manager for Data Management, said the GDPR product is designed for IT, legal and marketing departments, as well as for the newly emerging roles of Data Steward or Data Protection Officer. About 80 percent of the product’s nearly seven dozen customers are in Europe, he said, while the rest are in the US.

A screenshot of the SAS GDPR tool’s user interface

Available via the cloud or an on-premises installation, the SAS solution is designed to support “five steps to sustainable GDPR compliance”: access data, identify personal data, govern via privacy and access rules, protect the data via encryption and other means and audit the data.

Through its integration with the data management software, SAS’s GDPR layer offers standard as well as customizable options for those steps, such as creating a data dictionary for consistency. For instance, a company might choose the option to track where a piece of personal data like an email address has lived, a function supported by the data management tools.