Data Protection Solution

Allinity's Data Protection Solution offers clients a review of their PeopleSoft HCM systems compliance with the recent Data Protection Act, guidance on adhering to the Act, an assessment of your current compliance (and areas of risk and non-compliance) and a software solution to verify adherence.  The Allinity solution is a complete package which is comprised of two parts – a PeopleSoft HCM review and a Compliance Service.

PeopleSoft HCM Review

The HCM Review will be conducted by a team of our highly experienced functional consultants and follows standard audit principles.  The HCM Review will clearly document areas of compliance and risk across all your PeopleSoft systems and PeopleSoft related business processes.  From the HCM Review, a compliance design plan will be generated for your business to implement.  The standard review is confined to PeopleSoft HCM, but can be expanded to cover additional HCM systems which interact with PeopleSoft HCM.  Allinity do not provide legal advice on the Data Protection Act.

The key features of the PeopleSoft HCM Review are:

• A complete solution set for Data Protection addressing both issues and policies
  
  
• Conduct a full review of the Personal Data held in the live system.  This will consider:
  
  
  • The accuracy of the data
    
    
  • The suitability of the data
    
    
  • The timeliness of the data
    
    
  • The business need for the data
    
    
• Review any processes and procedures related to data protection and retention
  
  
• Review business processes associated with the gathering of data for input and / or interface to the system
  
  
• Review user access to the data and their roles
  
  
• Review access to outputs from the system (e.g. reports)
  
  
• Review business processes associated with any data output or interfaced from the system
  
  
• Review data and use of other versions of the system (i.e. training, testing and development environments)
  
  
• Review procedures that cover exceptions to established business processes
  
  
• Review the results of the above tasks against any existing company policies and procedures on Data Protection
  
  
• Assess general awareness of Data Protection issues amongst the HR users
  
  
• Detail and confirmation of areas of compliance with Data Protection requirements
  
  
• Detail of areas of potential non-compliance, including and assessment of risk in terms of likelihood and severity
  
  
• Details of areas where compliance cannot be determined one way or the other with recommendations for establishing evidence
  
  
• Recommended next steps, where applicable (including timeframe and urgency)

Compliance Service

The Allinity Compliance Service allows you to record your Data Protection Issues, and your Policies in respect of those Issues within your PeopleSoft HCM environment. The Compliance Service also gives you a fully configurable interface enabling you to clear or anonymise data and record and demonstrate adherence to your policy. Additionally a user configurable Subject Access Report is provided ready for when you are requested to provide information contained within your PeopleSoft HCM system.

The key features of the Compliance Service are:

• Record Location and Deletion
  
  
• Full Data Scrambling
  
  
• Selective Data Scrambling
  
  
• Subject Access Request Report
  
  
• DPAS Compliance Proof Reports
  
  
• Pre-defined templates and functions
  
  
• Definable population of data to be processed
  
  
• Automatic cascade feature maintains referential integrity
  
  
• Anonymisation / scrambling by Constant, Translate, Lookup or a Function
  
  
• Can be deployed to training / testing environment for thorough testing without compromising any data policies
  
  
• Allows confirmation of population to be processed prior to processing