Our client has a great reputation in helping their clients with these issues on an advisory basis, but they believe there is a much bigger play in building the starting point of a system that would organize the extent of a clients
We built an ontology that can tie specific paragraphs of regulation to specific application systems, databases, and fields to resolve privacy requests at the record level. The secret to being able to do this, is draconian simplification of the facets that make up the regulations, which provides a tractable level that makes it feasible to tie applications, databases, and fields to a small set of categories.
We worked with their development team who were building a sample dashboard to show how a hypothetical company would organize their response to the GDPR and CCPA regulations. We loaded the triple store with data from the “real world” regulations themselves as well as synthetic data that was created by anonymizing surveys and profiles taken from existing clients.
We were able to help them build a prototype of a system that could go into a client, harvest, and organize their data and cross reference it to the regulations that pertained. Our collective goal would be to uncover a joint client to implement.