0
21.1.3
Zurich Patch 4, Zurich, Yokohama Patch 9, Yokohama Patch 6, Yokohama Patch 4, Yokohama Patch 2, Yokohama, Xanadu Patch 9, Xanadu Patch 8, Xanadu Patch 4, Xanadu, Washington DC Patch 7, Washington DC Patch 5
The Personal Data Rights application enables individuals associated with an organization to exercise their personal data rights, while assisting the privacy team in monitoring, overseeing, and promptly resolving incoming data rights requests within the SLAs specified by global privacy laws.
Additionally, the privacy team has the capability to delegate tasks to different data administrators for the timely fulfillment of individual requests within the defined SLAs.
- PDR request intake form
- Request intake sources: Manual, API, and inbound email
- Workflow for PDR requests and PDR action tasks with notifications
- Configurable workflow for both PDR requests and action tasks to collect and process Data Subject Access Requests (DSARs)
- PDR Workspace
- Dedicated workspace to manage PDR requests
- Operational reports and dashboard to track
New
Added the ability to create personal data rights requests using a public form. This feature includes:
- The capability for users to submit requests without logging into the ServiceNow instance.
- The option for users to provide details such as country, email, phone, and type of request.
- Email OTP-based validation to ensure the security of the requests.
Fixed
- Resolved a security vulnerability that allowed unintended edits to read-only fields.
- Replaced hard-coded admin role dependencies with granular roles to improve security and align with least privilege principles.
-
The following GRC applications must be installed and activated:
- GRC: Policy and Compliance Management (com.sn_compliance)
- GRC: Privacy Management (com.sn_privacy)
- GRC: Common Workspace Elements (com.sn_grc_workspace)
Permissions and roles:
- Role required to install the app: System Admin (admin)