Use case: Ensure privacy standards are met The General Data Protection Regulation (GDPR) has had an impact on virtually every company in the world with an online presence. Given the GDPR9s hefty fines of up to 4% of global annual revenue, companies are taking precautions to ensure compliance. One added benefit is that, by complying, they protect their reputation with customers. However, GDPR isn9t the only data protection regulation that organizations must follow. Countries such as Japan, Australia, Brazil, Canada, and the United States have approved similar legislation4adding to the compliance burden. Data Protection Laws of the World Source: DLP Piper Figure 10: The growing number of data protection regulations is adding complexity At ServiceNow, we take a different approach to compliance that allows you to easily meet all of these different privacy regulations. We identify the applications that touch personal data, gathering supporting evidence while tracking application compliance across functional groups. And we streamline access to critical risk, control, vendor, and security data. The result? You rapidly identify threats, improve efficiency, and protect your customers9 sensitive data. Key ServiceNow privacy protection capabilities include: • Importing data privacy requirements and descriptions through Policy Management • Distributing and tracking Data Protection Impact Assessments (DPIAs) • Executing risk evaluations and managing issues • Managing audit engagements • Addressing data subject requirements and requests • Facilitating Personally Identifiable Information (PII) mapping • Addressing 72-hour breach notifications • Managing third-party data privacy compliance • Addressing Data Protection Officer (DPO) requirements and providing visibility 13