Fortune 100 Financial Services Company Scales Privacy Program with Radar

Innovative SaaS solution provides automated, consistent risk assessment for growing number of privacy and security incidents

Download as a PDF

< Return to Case Studies

imgWe’re transitioning to a digital-first company, with all of our in-house data centers in the cloud and a bigger electronic footprint. As an innovative, highly secure SaaS solution, Radar is ideal for our current and future compliance needs.”

– Executive Compliance Manager, Fortune 100 Financial Services Company

A large financial services company that collects, stores, and processes huge volumes of sensitive customer data was undergoing a digital transformation, replacing manual and outdated processes with a more scalable, purpose-built solution to improve cross-functional collaboration while making its privacy team more productive.

The privacy team, which supports every line of business, needed an efficient, consistent method for addressing the increased incident volume and breach risks against a complex web of ever-changing state laws, in addition to the burden of compliance with federal and international data breach regulations.

Challenges

The company had developed an in-house module for their GRC system to manage the tasks associated with the incident response process. For several years, they used this software as a generic workflow, document repository, and tracking tool, but it lacked any decision-support capability. The collaboration between the privacy and legal teams was disjointed and inefficient, causing delays in decision making. Furthermore, the organization was growing rapidly and transforming to a digital-first company, and would require greater functionality and scalability than their homegrown solution was able to provide.

With a greater electronic footprint through mobile apps, chatbots, and cloud-based data centers, customers’ sensitive financial data was at increased risk from a wide variety of threats. The complexity of dealing with a growing number of incidents was significant. A possible breach would involve many—if not all—states, each jurisdiction having their own (and often changing) breach notification laws, on top of federal regulations such as GLBA.

Wanted: More efficiency, less complexity, and scalability

The company’s digital focus meant they sought out an innovative approach to incident response management—one that would scale to both the higher volume of incidents and the growing legal complexity. At the same time it had to be efficient, so that the company’s growing privacy needs would be addressed without the need to add headcount.All this required a technology solution that would:

  • Streamline incident escalation and data gathering across the entire enterprise to meet the rising number of incidents.
  • Perform automated incident risk assessments against all state and federal laws, as well as emerging international laws
  • Provide a consistent and collaborative method for efficient decision-making, documentation, and reporting for C-suite, board, and the privacy program.
  • Gain real-time visibility into root cause and incident trends.

Radar®: consistent, efficient, and reduces risk to improve compliance

The company’s executive compliance officer discovered Radar at a privacy conference and quickly came to appreciate the software’s innovative and intuitive capabilities and benefits. To start, Radar’s patented Breach Guidance Engine™ and regulatory workflows provided a streamlined and highly-efficient process for incident response management, so the compliance team could devote more time to other critical privacy initiatives.

“Radar provides a comprehensive multi-factor risk assessment and recommendations for every incident,” the senior compliance officer said. “We can easily identify the high-severity ones that require more investigation and explanation to regulators, and at the same time achieve total consistency and proof of compliance in the risk assessment process. Radar provides the additional level of validation that supports our decision making.”

Because state, federal, and international breach notification laws are integrated into Radar’s Breach Guidance Engine™, the company benefited from much needed consistency in the decision-making process. Adopting Radar has decreased their reputational and compliance risks in an increasingly risky business environment.

Other benefits include:

  • More efficient and strategic use of internal and external counsel by the privacy team
  • Greater visibility into the incident response process for external stakeholders
  • Always up-to-date with changing breach notification regulations
  • Reliable, highly secure SaaS platform ideally suited for the company’s digital-first business model

“We’re smart enough to know that it’s immensely helpful when somebody has already solved the problem,” the company’s senior compliance officer said. “Radar articulated what my vision was—and it’s beautiful software to boot. Radar is now our source of truth.”

Interested in learning more? Get in touch