Purpose. The GDPR fines assessment system is designed to be used to solve the following problems: description of the main provisions in the company that do not comply with the GDPR; assessment of the company’s infrastructure to identify violations in the processing of personal data of employees and / or clients; assessment of potential damage to the company in case of non-compliance with the main provisions of the GDPR.
Scope. Potential users of the developed software are foreign and Ukrainian companies (Small, Middle, Large Enterprise) that process personal data of EU citizens.
Advantages. For the first time, a system for assessing the negative consequences of personal data leakage has been proposed, which, using the developed new assessment rules, scattering of points and certain recommendations, allows you to calculate the potential loss of the company and prevent its occurrence by providing clear recommendations with possible corrections to the identified infrastructure deficiencies.
Description. GDPR-system for assessing the negative consequences of personal data leakage GDPR fines is a fundamentally new development in the assessment of violations by a company of the rules for processing personal data of EU citizens in accordance with the GDPR Regulation. The system software is developed in the C# programming language, which makes it flexible in use and can be implemented into the approved business processes of the company to conduct regular checks of its internal infrastructure and receive recommendations for eliminating potential violations in the processing of personal data of citizens of Ukraine and the EU. The developed solution is based on four functions. In the first, the company auditor needs to select the potential level of violation in accordance with the GDPR Regulation. In the second, the auditor indicates basic information about the company being audited. In the third, the auditor assesses the company’s infrastructure based on a questionnaire in accordance with the GDPR Regulation. The last function allows the auditor to receive a report on recommendations for the audit conducted, indicating the maximum possible and calculated loss to the company in case of failure to correct the identified inconsistencies in the processing of personal data.