Our technology, your security
The regulations require organisations to document what personal data they process, as well as why and how the processing takes place. The Iconfirm solution helps to structure and document this in a logical and dynamic way.
Transparency is a key principle in the regulations with clear disclosure requirements. The organisations that offer people clear and specific information and are able to manage their rights, builds trust.
Most processes contain personal data, information that either directly or indirectly can be linked to a person. These processes are at the core of an organisations cash flow and, thus, value. Hence, privacy is essential for sustainable business models and building and maintaining trust of your customers and users.
GDPR states that an organisation must be able to demonstrate compliance. More and more investors are using ESG ('Environmental, Social and Governance') criteria in their assessment of investment opportunities.
Iconfirm makes it easier to demonstrate this compliance, to individuals, customers, auditors and authorities.
- Consistent documentation and enhanced integrity
- Dynamic link between processes, systems and categories of data subjects gives good overview
- Templates and examples for easier onboarding
- Structured, continuously updated and readily available information
- Easier and uniform follow-up across the value chain
- Communication, tasks and notifications
- Incidents and breach reporting
- Subject rights request resolution
- Audit eports and security documentation
- Time stamps and logs to document continuous compliance
- Internal and external reporting
Software as a Service
Iconfirm is designed for the secure processing of patient data with privacy by design and default principles deeply embedded into the software's code and logic. The secure platform was caved out from the Nordic region's leading collaboration platform within private health, which is currently used by the largest banks and insurance companies, as well as over 1,300 hospitals and clinics.
The solution is robust and scalable and has been in continuous operation since May 25, 2017.
The Iconfirm solution is currently supporting the following languages:
Internationally recognised innovative solution
PwC Germany Legaltech scale programme
(1 of 8 selected ager screening 750 startups across Europe)
Records of processing activities
Detailed records on the basis of information from process overview and systems register.
- Ensure consistent information
- Between controller and processor
- Data Processing Agreements and the Records of processing activities
- Delegated maintenance to line organisation for efficiency and quality.
- Excel report
Structured and detailed information on systems, processors and third party recipients.
- Specifications of nature of processing and categories of data
- Technology, security of processing, subprocessors.
- Links, attachments and audit instructions
- Contact details to key personnel
- Contains all needed information to complete data processing agreements
- Quality assurance prior to new technology is implemented into organisation.
- Role based access
- APIs for integrity in data processing
- Data subject authentication
- Good solution for the handling of parental/legal guardians confirmations
- Central register for efficient consent management, overview and control
- Complete overview of all consents with search function and filtering
- Always updated and complete
- Detailed logs and full versioning
- Limit processing until valid consent can be documented
- Synchronise across multiple applications
Data subject rights
Structured process for efficient workflow and swift response
- Secure communication and sharing of information
- Notifications and detailed logs
- Efficient collaboration with third parties
- Flexible scope
- Quality assure progress and follow-up
- Opportunity for automation
Data processing agreements
Autocomplete Data Processing agreements on the basis of information in the systems register.
- Standard template ancored in European Data Protection Board by the Danish data Authorities.
- Consistent information
- Between data processor and controller
- Data processing agreeement and records of processing activities
- Ensure effective fulfillment of the agreement - over time
- Change of subprocessors
- Security documentation and audit reports
- Overview and control of all data processing agreements
Ensure efficient access to all relevant documents
- Policies and Instructions
- Specific privacy notices per category of data subjects
- Specific and granular consents
- Confidensiality agreements
- Power of attorneys and confirmations
- Links to other systems and documentation (Risk assessments and DPIAs)
- Easy online publication (passive)
- Active notification via SMS/email (logged)
- Integrate in data flow / customer journey
- Full versioning
Utilizing the platform infrastructure and reuse of structured information already collected facilitates:
- Easy to report, swift response
- Own organisation as well as data processors
- Quick overview over consequences
- For larger incidents, there is an opporunity to make updates and versioning as the case progresses
- Action oriented
- Audit log
- Reporting/Notifications (under development)
- Response team
- The affected
Risk assessments and mitigating actions
Many businesses have good tools and procedures for risk assessments. Very often these are oriented around the business' risk. In privacy, it is the risks for the Data Subject that are important. Using a common solution for risk assessments, the two may easily be confused.
Iconfirm has made it easy to make risk assessments and implement risk-reducing measures linked directly to systems or processes.
- Gives good opportunity to assess information security risk on systems while considering the risks of breaches of privacy principles and subject rights in processes.
- Easier to focus on the data subject's risk.
- Connection to the incident module
- Mitigating actions with deadlines and follow-up. Also possible to set recurring measures with notification.
- Support for templates. Resource bank on risks and effective measures under development.
Integration and automation
Ensure effiency through integrations with key work applications, allowing personnel to work in a familiar environements
- Automate documentation processes in the background
The solution is well prepared for integration into excisting work flows and procedures
- Adapters and APIs for automation across multiple applications
- Data exchange and file share integrity
- API keys for easy and secure authentication
Ensure privacy without disruption to daily operations.
A secure platform originally designed to process patient data.
Transparency and efficient response are key to build trust and confidence.
Automated logging of activities and task resolution.
Advanced data management
Use ICONFIRM to segregate and distribute personal identifiers
- Pseudonymisation and split processing.
- Privacy by design and default
- Great flexibility where each client can define which personal identifiers are processed for which categories of data subjects, purposes and in which underlying systems.
- The solution is designed for secure handling of patient data.
- Every client has own encryption key. Key vault encrypted as well.
- Out of the box solution for privacy by design and default.