Data Privacy Officer
The data privacy officer (also referred to as DPO) is a role assigned to a user to grant him sufficient permissions to access all received data privacy requests. A DPO can approve or deny requests, give comments, and schedule execution using the data privacy officer console.
Capabilities of Data privacy officer(DPO)
A data privacy officer has the following capabilities:
-
Search for records with data-sensitive fields retrieve the required information.
-
Reject a request if it is not unjustified or in accordance with the established privacy policies.
-
Review submitted requests and prepare responses.
-
Update records with sensitive data to comply with the data update or removal request.
-
Access a list of data privacy requests and provide responses.
-
Create a privacy-request policy to govern how privacy requests are handled.
Data Privacy Officer Console
The data privacy officer console is a user interface that enables a DPO to access privacy requests from other users concerning the handling of personal data.
The DPO console is only accessible to users assigned the role of a data privacy officer. |
Using the data privacy officer console, a DPO can approve or reject requests, provide feedback in the form of comments, schedule requests for execution, and have an overview of modules with sensitive data.
Privacy Requests
The DPO has access to a list of pending requests that need to be approved. The privacy requests include correction, export, and deletion.
To access these requests:
On your Corteza instance navigate to the Data Privacy Console by clicking on Privacy application.
On the data privacy console, click on incoming privacy button.
Once on the privacy requests page, you can click on approve Requests to approve all pending requests.
Additionally,you can click on each individual request to approve or reject it.
Additionally, the DPO can also respond by providing feedback to a request using the comment dialog box. |
Through the data privacy console, the DPO has access to correction requests made by users to correct their data because it is inaccurate, incomplete, misleading, or out-of-date. |
|
Through the data privacy console, the DPO has access to deletion requests made by users in case they are dissatisfied with their personal information for any reason. |
|
Through the data privacy console, the DPO has access to data export requests made by users when they want to obtain a copy of their data for backup or import it into a different system. |