With the increasing global risk from cyber-attacks and other security breach incidents, privacy laws worldwide have become increasingly strict with respect to incident response reporting. For example, Article 33 of the EU GDPR requires controllers to report personal data breaches to their supervisory authority “without undue delay” and, where feasible, not later than 72 hours after learning of the breach. The controller also has to notify everyone who has been affected by the breach, where the data breach is likely to result in a high risk to their rights and freedoms.
For many organizations, determining the “why, where, who, what and when” of a personal data breach within 72 hours may prove a daunting task if they do not have an expert incident response system already in place. To help organizations that rely on the TrustArc Privacy Platform for privacy management compliance meet increasingly strict global incident response requirements (including the GDPR 72-hour requirement), TrustArc has entered into a strategic partnership with RADAR Inc.
The patented RADAR Breach Guidance Engine™ automates multi-factor incident risk assessments, ensuring consistent and defensible response decisions. It leads users through an intuitive workflow that profiles and scores data privacy and security incidents and generates incident-specific notification guidelines.
[Figure: Example of RADAR decision-support guidance, following a Multi-Factor Risk Assessment]
This automation speeds up the decision process and helps ensure compliance with U.S. and international data breach laws, including the GDPR, as well as with contractual notice obligations. Incident details, assessment results, and notifications are stored in a central repository, for compliance reporting as required. The RADAR solution also is supported by a database of global data breach notification laws.
In a press release announcing the strategic partnership, Chris Babel, CEO of TrustArc, stated that “RADAR’s incident response management solution is an ideal pairing with TrustArc’s industry-leading privacy management platform. Together, we are delivering a superior solution to customers who operate under increasingly stringent global compliance requirements”.
The TrustArc Privacy Platform addresses critical privacy program functions including creating data inventories, conducting risk assessments, managing consents, handling individual rights management and providing transparency. The strategic partnership with RADAR Inc. adds a best-of-breed solution for planning and responding to data breach incidents.