GDPR and RegTech innovation

It's great to see London-based RegTech company Pontus Vision has launched an open source and software-based product for GDPR.

The EU’s General Data Protection Regulation (GDPR) is due to come into force on 25 May 2018.

GDPR will impact every business that processes or collects data from EU citizens. Failure to meet the regulatory requirements could result in significant penalties of up to €20m or 4% of global annual turnover – whichever is higher.

The legislation will require firms to adhere to a multitude of new rules governing how their customers’ personal data is handled, processed and secured.

To effectively address upcoming obligations, including the need to respond to information requests within specified time frames, firms will need to ensure they protect their customer’s data in a standardised, complete and readily accessible manner.

Pontus Vision said its software solution, Pontus Vision GDPR, enables firms to search for any given customer and access all of the data the business holds about them in a consolidated view.

The RegTech company said Pontus Vision is designed to deliver “GCHQ-level security” even when data is stored in the cloud.

Pontus Vision GDPR is described as enabling firms to streamline and automate their data management processes, without changing underlying systems or procedures, or implementing potentially restrictive proprietary solutions.

The RegTech company extracts and tracks all of the personal data that the business holds on its customers. This empowers data protection officers to collate and analyse all of the personal data relating to a particular client.

Firms can respond to GDPR-related subject access requests (SARs) and track privacy impact assessments (PIAs), even when the data is stored in different locations and in varying formats.