Download PDF
Software AG > Case Studies > Tackling GDPR the Smart Way Creating A New Use Case for Existing Technology and Turning Compliance into Opportunity
Software AG Logo

Tackling GDPR the Smart Way Creating A New Use Case for Existing Technology and Turning Compliance into Opportunity

Technology Category
  • Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
Use Cases
  • Regulatory Compliance Monitoring
Services
  • Cloud Planning, Design & Implementation Services
  • Data Science Services
The Challenge
The company, a stalwart in the U.K. financial services sector, was facing the enforcement deadlines of the EU General Data Protection Regulation (GDPR). The regulation required breaches to be reported to regulators within 72 hours of detection, and users must be given the ability to request their data or have it permanently deleted. Non-compliance was not an option, with staggering penalties on the line. The company was also dealing with strict regulatory oversight, rapid growth, rising costs, and manual processes and documents.
About The Customer
The company is a well-established entity in the U.K. financial services sector. It has a history that spans over a century and is known for its commitment to its members. The company boasts of more than 18,000 employees and 400 branches spread across the U.K. This extensive network has earned the company the highest customer satisfaction in the industry. The company prides itself on its loyalty to its customers and has a strong focus on treating its customers fairly and protecting their data.
The Solution
The company had been using Software AG's ARIS since 2010 and had moved to a cloud-based system in 2017. This prior investment in ARIS meant that the heavy lifting for GDPR compliance was already done. By leveraging the latest capabilities of the ARIS solution, the company had access to new fact sheets in ARIS to maintain ROPA Reports in an easy, table-based interface. It had new filters to document processing activities across applications and processes and GDPR-tailored dashboards designed specifically for immediate reaction and total visibility in the case of incidents in near real time. The company also used its GDPR preparation to assess how it managed its data with the potential for a new focus on privacy, closer customer engagement, and increased trust.
Operational Impact
  • Achieved day-one GDPR compliance
  • Improved ability to respond to new regulations
  • Provided new ROI on previous platform investments

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.