Product Release: Data System Attributes, Privacy Request Workflows, Data System Tasks, Manual Privacy Requests, & Privacy Request History
Data System Attributes
Concord’s new data systems functionality allows companies to easily add different data systems and attributes to their organization. This is important because most privacy regulations require companies to maintain a comprehensive inventory of all the data they have about individual users. With this new functionality, companies can easily add all the data systems they use to help with data mapping, compliance documentation, and the handling of data privacy requests.
Concord’s expanded data system attributes will also provide additional functionality related to data privacy reporting, audits, and assessments. This helps with all types of specific data privacy requirements and reporting, including:
- Record of Processing Activities (ROPA): As part of GDPR compliance, organizations are required to create and maintain a Record of Processing Activities, which includes the purposes of processing personal data, the parties to whom they are disclosing the data, how long they will retain the data, and other details.
- Privacy Impact Assessments (PIAs): When an organization develops new projects, strategies, or systems, a Privacy Impact Assessment is a tool to identify and manage any associated privacy risks. A PIA helps organizations ensure compliance with privacy regulation, identify and evaluate the risk of privacy breaches, and identify controls to mitigate that risk.
For a full list of the different data systems we support out of the box, please visit our integrations section. You can easily add a custom data system within our Admin UI as well, but please reach out to us to let us know if there are any additional data systems that you would like to see added to the platform.
This release of data systems includes the following updates:
- Added large initial group of new data system attributes (relationships, origins, destinations, security measures, processing purposes, & personal data categories).
- Added new contacts feature to data systems that allows different types of users to be associated with different data systems.
- Added a large expanded list of new predefined data system types, allowing companies to pick from our list of 90+ integrations when setting up data systems.
- Updated tooltips and guides for data systems.
Privacy Request Workflows & Data System Tasks
Concord’s latest product release also simplifies workflows, making handling privacy requests even easier by automating the tasks needed for fulfillment. When a company receives a verified data privacy request (get a copy of my data, change my data, delete my data, or do not sell my data), Concord creates tasks for each applicable data system in a project. Any Concord user with edit rights can complete the data system specific tasks for a data privacy request, and when all tasks are completed, the request can be marked as resolved. Once resolved, an email is automatically generated and sent to the individual who made the request. If the individual requested to get a copy of their data, the email will include a message on how the user can access the copy of their data.
This release includes:
- Added data systems and projects linkage to facilitate advanced privacy request workflows.
- Added new tasks feature that automatically creates new tasks for data system in a project.
- Added backend support for the new tasks feature tied to privacy request workflows.
- Added task tracking and completion requirement to privacy requests.
Manual Privacy Requests & Privacy Request History
For scenarios where users submit a privacy request via another method outside of privacy center, we added the ability to manually add new privacy requests in the Admin UI. This was already available via our Zapier integration, but this allows requests to be easily added without having to use a third party tool or our APIs.
We also added the ability for users to be able to view their privacy request history and status directly in privacy center. Individuals can now look at the privacy center and see a list of any privacy requests they have submitted, the date and time the request was made, and whether the request is pending verification, in process, or completed. The status is updated in real-time as updates are made to the request within the Concord Admin UI.
Other Fixes & Improvements
- Fixed display and selector type issue with organization status.
- Fixed occasional notifications connection issue.
- Fixed issue where users were receiving an error after accepting user invite to the Admin UI.
- Fixed issue where end user was not receiving email notification for resolved privacy requests.
- Fixed issues where Viewers could not see send from email address for organization.
- Fixed issue where the system returned a "Loading failed" error message when adding a new send from email address.
- Fixed issue where data was cleared out during the data system wizard when going back.
- Fixed sort issue for submitted privacy requests.
- Fixed issue where token was temporarily expiring in the Admin UI and causing a display issue.
- Fixed issue where users were not able to delete billing address details in lines 2 and 3.
- Fixed issue were mark as resolved button was not working in certain cases on the privacy request form.
- Fixed issue that restricted users from manually adding a privacy request.
- Fixed privacy request sort issue.
- Fixed table formatting issues when viewing your data privacy on mobile devices.
- Fixed button formatting issues when viewing consent events on mobile devices.
- Fixed issue with dropdown list options for pre-verified field.
- Fixed issue where some users were unable to manually add privacy requests.
- Fixed box border issue on some devices in the privacy center.
- Fixed issues with button toggle functionality for site config.
- Fixed sort issue for privacy requests.
- Fixed issue that impacted the ability for certain users to edit projects.
- Fixed API issue that was generating 502 errors.
- Fixed API issues that generated 500 errors.
- Fixed issue that caused some do not sell and change data notifications to be stuck in a loop.
- Fixed response validation issues.
- Added new pre-verified option for privacy requests.
- Fixed issue that caused certain users to not be able to delete keys or domains.
- Fixed project sort and search functionality.
- Fixed issue related to saving email address on edit user page.
- Fixed formatting issue in do not sell email notification.
- Fixed edit button visibility for certain user roles.
- Fixed date selection issue for privacy requests.
- Updates to styling for consent events in privacy center.
- Added more robust ECS deployment monitoring for all services.
- Fixed issue that impacted users trying to change send from email on edit project page.
- Fixed delete issue related to user permissions.
- Fixed issue where restricted users could delete domains.
- Fixed date issue impacting reporting and metrics.
- Added project and environment to service logs.
- Updated Site API and Privacy API documentation.
- Updates to organizational level users and added invite email to notify users that they were invited to access an organization.
- Enhancement to send an email notification to users that a pending privacy request was marked resolved.
- Enhancement to show users a list of privacy requests and associated details that they submitted for a specific organization.
- Fixed issue where creating a new user in the Admin UI with an email address that is already in use caused the original user account to be overwritten.
- Converted mail service to ECS for performance improvements.
- Added new and improved deploy dashboard.