Data Privacy Request Workflow Tool

Privacy is Key to Freedom
Process Overview

Inspiration

In the current perspective, our personal information is shared with lots of third-party vendors by many organizations. Numerous calls and emails are received for getting car loans, business needs, and many other lucrative offers with whom the information is not directly shared by us. This makes us vulnerable to identity theft and susceptible to Personal Identity Information exploitation. To keep the information secure and protected to the individuals, an organization can use our application, allowing their users to access their personal information as per their needs. That will lead to a more customer-friendly engagement with the organization.

What it does

Data Privacy Request Tracking Took allows an organization to implement a digital solution to process and track Privacy Rights requests submitted by the consumer

Multiple Channel Support A consumer can submit their Privacy Right request by calling in Helpdesk, through email, or using the self-service web form

Dynamic Case Management For each access right, right to access, right to sell, right to delete each child case is created by DCR and is subsequently passed for a two-level approval process.

Seamless Integration with 3rd Party application The solution provides extension points to connect the solution to other interfaces and data sources, thus the solution can directly be utilized with very minimal configuration effort.

Correspondence and Notification A system-generated response mail/email is sent out to the customer notifying that the Privacy Rights request received are now fulfilled successfully and will also contain a consolidated pdf report of the fulfillment work done over the Individual Right Request

Real-time reporting Built-in BAM reports provide real-time process status and compliance metrics

How we built it

The email listener has been created which will process the incoming mails and create a case.
DCR has been applied for each of the privacy request child cases.
Pega's unauthenticated ruleset and mashup configuration has been made for Gust user authentication access.

Challenges we ran into

Lack of transparency between the organization and the user about the user's data being used by the organization.
No Systematic Tracking of the access rights of customers and their lifecycle were present.
Poor coordination of activities across processes resulting in delays.
No systemic balanced workload distribution was present in such systems.
No end-to-end integrated workflow solution existed which can act as a center of the collection process, where other external applications would exist to support this workflow.

Accomplishments that we're proud of

Pega Unauthenticated and Self-service portal configuration has been applied. The guest user can directly login to our application and request his privacy access which has been configured by Mashup.
Email bot and the listener has been configured, Any incoming mail to the DL on which email listener is working will be picked up for PEGA processing.
Complex CCPA act has been configured. Any customer requesting his/her data privacy access can raise a request. The organization will process the request.
The mobile version for the application is also configured. Any consultant of the organization can install the software and scan the QR code to sign in to the application and raise requests for their customer's access rights.

What we learned

We have learned about the CCPA act incorporated in any state of the USA and the benefits the customers can utilize by providing the right access to the organizations.
We have learned about Pega's unauthenticated guest user login and email bots.

What's next for Data Privacy Request Workflow Tool

The DPR application can be extended and can be integrated with several other external systems that collect customers' secure information so that data can be accessed in those external apps, e.g OCR. We can use several external channels to create Data Privacy Request.

Built With

Submitted to

Pega Community Hackathon 2021

Created by

I have worked on PEGA Express rules and new features along with PEGA NLP, intent ,machine learning and Email bot along with self service portals and PEGA mobile app

Bikramjit Sinha
Worked on the UI interfaces and portal designing for processing the case

Arnab Paul
I have worked in the back end implementing new features of pega.

Alakananda Biswas
I have worked on implementing the solution using Pega OOTB features including Pega Web Mash up, Pega mobile application.

Gokulananda Sahu