Consent Management
Problem Statement
These contents are translated by Google Translate
Starting with GDPR in Europe and CCPA in the United States, laws and regulations have been created around the world regarding the acquisition and use of personal information by business operators and the provision of personal information to third parties, and there is a strong demand for the correct handling of personal information. Even in Japan, when using personal information, it is necessary to obtain the consent of the provider of personal information and record the history of use and the history of provision to third parties. These records are required to meet the three requirements of "authenticity", "readability", and "storability".
Of these, "authenticity" can be easily modified by administrators, etc. when recording electromagnetically, so when building a system, it is necessary to record it on a Write One device such as a CD-R. , it is necessary to protect the system so that it cannot be easily tampered with by the management system.
However, when responding to withdrawal of consent, such recording media do not immediately reflect the status of consent / withdrawal online, so the correct status may not always be recorded. For this reason, there is a need for a recording system that can detect tampering online. Blockchain and distributed ledger technology is attracting attention as a technology to do this online, but it is necessary to solve the scalability problem and maintain consistency with the database.
Solution Overview
These contents are translated by Google Translate
By recording the consent status and usage history in Scalar DL, it is possible to meet the three requirements of "authenticity", "readability" and "storability".
We also provide Scalar IST (Information banking Solution Template) as a template for consent management for personal information management.
In Scalar IST, the consent document is structured with five master information: “Purpose of use”, “Data set”, “Term of use”, “Third party provider”, and “Benefits”, so that the data subject who provides personal information can provide the necessary information. Only allow partial consent. In addition, the consent status is historyed and immediately recorded in Scalar DL.
Why Scalar
These contents are translated by Google Translate
Since Scalar DL can simultaneously update the recording area and update area, personal information can be saved in the update area, and the process of recording consent status and usage history in the recording area can be executed in one transaction.
Since Scalar DL supports various clouds and various databases, it is possible to operate the system as an extension of the existing system operation system, and it is possible to expand according to the scalability of the database used.