US digital signature tech company, PactSafe, has introduced a new data privacy consent management solution to help inhouse legal teams to meet the impending European Union’s General Data Protection Regulation (GDPR) obligations.
The consent management solution gives end-to-end tracking and management of opt-ins and opt-outs of data privacy statements and legal policies, which is expected to be a critical step toward GDPR compliance – and then being able to prove compliance.
The new EU regime begins on 25 May, or in just two months, with many businesses – and law firms – not entirely ready yet. Failure to acquire consent to collect and process personal data could result in massive fines, upwards of €20 million or 4% of a business’s global annual revenue.
The company, which is known for its pioneering work in contract signature tech, including a ‘smile to sign’ experimental application (covered by Artificial Lawyer last year), said in a statement that the consent management product allows businesses to capture consent on websites, on mobile apps and via email. It also generates ‘consent receipt records‘ to demonstrate compliance.
A privacy analytics dashboard then helps identify gaps in compliance with ‘push-button reports covering privacy policy adoption by version or collection point, policy changelogs, and consent activity at both aggregate and granular levels’.
Artificial Lawyer caught up with the PactSafe team and asked for a bit more information.
– Sounds great, but can you please explain how this works?
Consent Management by PactSafe allows you to document consent on websites, mobile apps, email and more—wherever and however it makes sense for your business and customers. It’s built on the core PactSafe platform. You can create, collaborate on, and update versions of different privacy policies, easily integrate them into your website, mobile app, etc. and collect acceptance.
GDPR specific features include:
- The ability to generate consent receipt records to demonstrate compliance and empower data subjects to view and manage their consent preferences.
- Powerful analytics and insights allow you to quickly run consent reports and audit trails to identify gaps in your compliance and consent efforts.
- Pull reports in real-time to demonstrate compliance to regulators with push button, customizable reports showing policy changelogs, aggregate and granular consent activity, and more.
- Manage and update all data privacy policies and statements from a centralized dashboard and instantly publish updated policies to multiple consent capture points, and initiate bulk notifications to data subjects when policies are updated.
- For when a user revokes consent, our product automatically triggers opt-out workflows.
Note, these solve the main aspects of GDPR, which will require businesses to clearly state to users how their information will be used, gain consent to use their data, as well as provide easy access to users to update how their information is being used, and revoke consent.
Does this also work with PactSafe’s other signing systems?
Yes, this integrates into the existing PactSafe products: text-to-sign, click-to-accept and click-through.
Why is this particular tech application useful in the legal sector?
Legal teams have a lot to consider when creating a plan for GDPR compliance. PactSafe can help with several big items on that list. In addition to consent management, for many enterprises and organizations of smaller sizes, Data Processing Agreements become a massive hurdle to achieving full GDPR compliance.
The volume and velocity at which DPAs must be executed in time for the regulation’s enforceability date (May 25, 2018) presents a painful, top-of-mind problem for most in-house legal teams. PactSafe is able to address the unique nature of these GDPR-mandated agreements with its ability to efficiently create and send them out for acceptance.
As far as integrating into existing technology at law firms/or another company, PactSafe prioritizes a flexible API for this purpose. The PactSafe API makes it easy to automate consent workflows across business systems. Automated actions help remedy compliance related gaps and consent revocation. Additionally, integrations allow you to populate consent activity data and reports into popular applications like Salesforce, Workday and more.
Thanks! It does seem that the legal world could do with some additional help here.
—
If you would like to see a short video overview of the system, please check this out below.