InfoComply introduces new features for SFDC customers in Data protection enabling path to faster privacy compliance
Infocomply – Privacy protection Application, enables SFDC CRM customers to comply with privacy regulation efficiently across all domain cloud applications.
Many data protection and privacy regulations require you and your company to honor people’s requests about how you use their data. Some of the regulations mentioned below are important to companies that collect and process their customers’ data.
• General Data Protection Regulation (GDPR), European Union
• California Consumer Privacy Act (CCPA), United States
• Personal Information Protection Act (PIPA), Japan
• Privacy Act, Australia
• Personal Information Protection and Electronic Documents Act (PIPEDA), Canada
Individual rights to comply with are as follows:
• The right to be informed , The right of access
• The right to rectification, The right to erasure
• The right to restrict processing , The right to data portability
• The right to object, Rights related to automated decision making and profiling
Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under privacy regulations.Collecting organizations must provide individuals with “privacy information.” Also, these organizations are required to spell out the purpose for processing their personal data, retention periods for each personal data, and who it will be shared with.
Challenges enterprises face today are:
1) The time taken to address privacy requests exceeds the stipulated time, leading to potential penalties
2) Lack of Automation tools to discover customer’s contact data, standardize the process, get approval, and complete data subject/customer’s request
3) Enterprise-level scaling to process the requests
These challenges often cost organizations a huge sum of money. A recent study published estimates each privacy request costs anywhere from 1k – 1.5k.
Infocomply security & privacy compliance software
At Infocomply, we understand these challenges. We have made it easy for organizations to handle privacy requests for SFDC customers significantly reducing processing time by 50%. Enterprises can now process customer information and respond to users within the stipulated regulation time.
Need for an integrated solution for all SFDC domain clouds –
• Nuances of different clouds & systems where the remnants of data do exist
• Knowing up front where all spots data exists actoss all clouds, and applying the right mechanisms to perform the relevant action is important.
• To process privacy requests in unison across the enterprise improving customer experience.
Key features include:
Privacy Request portal to take several requests mandated by different regulations
ID verification solution to make sure requester is trustworthy
Data Discovery Module with integrations to all SFDC clouds, middleware, and other enterprise systems.
Out of box workflows with additional customization capabilities
Integrations with third-party data processors to have them adhere to the same privacy requests
A detailed description of how it will help
Typical processes used to complete privacy (data subject) request:
• Discovery. The process of determining what data is needed to complete a DSR.
• Access. Retrieval and potential transmission to the data subject of discovered information.
• Rectify. Implement changes or other requested personal data changes.
• Restrict. Changing the access or processing of personal data by restricting access or removing data from systems.
• Export. Providing a “structured, commonly used, machine-readable format” of personal data to the data subject, as provided by the regulations “right of data portability.”
• Delete. Permanent removal of personal data
As part of any right to requests, the first key element is discovering information in the enterprise CRM and other systems. Infocomply seamlessly connects to other systems to search for contact information and its attributes.
For the discovered data streams, we have end to end workflow built with notifications for various regulations. With easy integrations to IT service systems, our right to access request module does create tasks/activities based on each data system discovered. Use our approval process to confirm the operation from relevant stakeholders.
One stop solution for any SFDC cloud Data subject requests
Sales cloud & CPQ, Service Cloud, Communities, Salesforce platform, Marketing Cloud, Commerce Cloud, Financial services cloud, Health Cloud, Pardot, Analytics, Quip, Heroku.
Based on the data record found, the system maps control action framework automatically and assign activities to relevant teams to perform. System maps’ actions are based on where data is found and request the type from the consumer. The outcome is that teams can efficiently do their work without thinking twice and establish a common framework across the enterprise system.
Typical SFDC entities considered for data protection:
Employees: Stored in users objects and user activities primarily
Prospects: Stored under leads object
Customers: Stored under Contacts object
Sources to look for beyond objects are
1) Personal data in free text fields
2) Inbox
3) Einstein activity & events
4) stored in metadata
5) other transaction records like quote, contract,cases and orders
6) debug logs
For text not supported in the global search, you can generate reports and view any data existence by downloading reports. Companies can also comply with customer requests to opt-out of sharing their personal information with third parties.
To help you assess your compliance with data protection and privacy regulations, our application helps you determine the best way to comply with the regulations that apply to your company.In cases of data processed with third-party integrations, Infocomply will assist in request process to automate the requests to the vendors to adhere to data subject requests.
SFDC Admin/Developer Usecase matrix
| Usecase | InfoComply – Features |
| Configuring privacy request intake form & integration | Out of box feature set with portal connectivity via website or idataChoice. |
| Validating contact with photo ID verification | Out of box feature set in iDatachoice for auto validation of ID with user information; before the request comes to CRM system for action |
| Discovering contact information across clouds | One click Discover enterprise feature across SFDC clouds, Admins gets to configure integration |
| Discovering contact information from enterprise systems or cloud applications | Middle ware ready integration, with standard JSON format |
| Steps to address to each data subject request | Pre-built flows for each right to request to guide admins or users to work on the request. Ability to customize further. |
| Enable workflows for approvals with related busines teams or data steward’s | Out of box workflows for approvals to complete the request |
| Enable workflows and notifications for each regulation type and request type | Out of box notification templates for key privacy regulations |
With listed InfoComply feature set, SFDC admins/developers can quickly enable right to request workflows, fulfill requests on-time, and scale to enterprise needs.
Contact us at hello@www.infocomply.com for a quick conversation on how we can help you to effectively comply with privacy&security regulations
