A simple, secure and connected solution for business compliance

To support companies on issues relating to data protection and GDPR compliance, Infhotep offers its customers the Adequacy solution. Anne-Angélique de Tourtier, Customer Experience Officer at Adequacy, presents this solution and its main advantages

A few words to introduce us to Infhotep and Adequacy?

Infhotep is a consulting company created in 2003 and specialized in information systems with a focus on the management of data assets. In 2016, with the emergence of the GDPR, the Infhotep teams developed a toolbox to be able to successfully carry out their first missions around data protection and GDPR compliance. Praised by our customers, this toolbox has become Adequacy, a software solution that was created with and at the service of the businesses that use it on a daily basis.

Today, who is Adequacy aimed at and what problems can it be used to address?

All businesses, regardless of size, as well as public organizations can use Adequacy. More specifically, it makes it possible to meet the specific needs of three businesses:

• The DPO who has a compliance challenge in his organization, whether public or private: he will be able to use all the recurring functionalities in the context of data protection and compliance with the GDPR. For example, it will be able to maintain and automate the processing register, privacy impact assessments (AIPD/PIA), the log of the exercise of rights or even dashboards and reports;
• The legal director who has the challenge of auditing contracts, mapping subcontractors and identifying potential transfers outside the EU: in Adequacy, he will find functionalities to support him in reviewing contracts, in particular in drafting contractual clauses, in particular subcontracting, but also to carry out audits or self-evaluations in order to assess the “compliance” of the organization... ;
• The CIO who has a security challenge: he will have access to specific functionalities for application mapping, identification and measurement of security and risks. He will thus be able to conduct security audits on the tools and applications used in the organization, and more generally manage the security of the IS.

Can you also give us concrete examples of how to use it?

Regarding the contract review activity, a strategic but challenging task, the legal department will be able to launch, thanks to Adequacy, audit campaigns for its subcontractors to verify compliance with RGPD requirements. The solution also includes integrated, automatic, contextual, and registry clause models. On the critical subject of data transfers outside the European Union, the user will be able to verify and monitor the compliance of these transfers through a reporting and risk management system.

At the DSI level, we can cite the impact analysis module, directly connected to the register, which integrates contextual aids for the explanation of the terms of the methodology and defined terms, questions to guide the user, replicable models and threat scenarios. Moreover, this module is one of the main differentiators of our solution on the market!

Why is it relevant for a company and more particularly for a legal department to have a tool like Adequacy?

Operationally, Adequacy saves 50% of time on registers thanks to replicable models and 75% on impact analysis. Beyond that, this solution makes it possible to centralize over time all the elements necessary to structure the compliance process of organizations and to prioritize work sites. Simple, secure and connected, it adapts to the information system of each company or organization. 100% developed in-house and hosted in France, it is also a sovereign solution. Finally, our Customer Success Managers who support our clients all have a legal profile and are DPoS certified by Afnor.