Home

Flowz is a SaaS (Software as a Service), which provides a solution to record the information flowing around an organisation. The software provides a risk score against the information and flows within the organisation, assisting in the compliance of the new GDPR law.

simple interface

menu maps

shared assets

hosted environment

workflow authorisation

organisational unit

automatic calculations

data upload

risk reporting

new dashboards

out-of-the-box

INTELLIGENT LINKING TO FLOWS OF DATA

Product Features

simple interface

Allows users to record personal or team flows in and out of a department, or the whole organisation.

menu maps

An administrator may grant or revoke system features for user roles or specific users for their organisation as a whole or for individual organisational units.

shared assets

Information Assets are created as private to their organisational unit by default but may be shared with specific organisational units or the entire organisation.

hosted environment

Flowz utilises a secure UK Data Centre with easy browser access from any location.

organisational unit

Organisations in Flowz may now be structured using Organisational Units and Organisational Hierarchies to better model their real-world counterparts. Organisations may have nested units to accurately reflect their business with each having hierarchies to map their departments, teams etc.

automatic calculations

The system allows for information to be calculated with a risk score on your flows and assets. This has a predefined calculation but can be configured manually for any organisation.

risk reporting

Flowz has a risk reporting dashboard for users to be able to create reports on specific flows and assets within the organisation. You can also report on individual users or departments.

workflow authorisation

There is the ability to authorise new flows and assets and therefore to build an approval process around them (useful for Senior Risk Owner or Caldicott Guardian approvals of all new flows and assets).

INTELLIGENT LINKING TO FLOWS OF DATA

ISO27005 (information risk management) describes assets as at rest and in motion. Where they are in motion (e.g. sent by email) we consider them a subset of the main asset and record them as such, allowing you to record all the incoming and outgoing data from your databases.

new dashboards

Three dashboards are now available in Flowz tailored by user role, offering asset-centric and flow-centric views across the organisation with the ability to drill down to individual assets and flows.

out-of-the-box

Flowz is configured with fields to record all of the attributes required by EU GDPR article 30 – Records of Processing, although is designed so that every part of the system can be closely tailored to an organisations particular needs. We now have industry specific templates for Local Authorities, Higher Education, Health and accountancy, to get you up to speed quickly.

data upload

Information, for example lists of users, assets etc. may now be imported directly from Microsoft Excel spreadsheets.

Get It Done With Us

Tailored to Fit

Flowz is dynamic and easily customisable at every level, to meet differing organisational needs

Keep the ICO happy

Flowz captures the level of detail needed to satisfy supervisory authorities

Simple to use

Flowz has a simple and intuitive user interface, which speeds up adoption

GDPR is risk-based

Flowz doesn’t just record facts about the data you process, but supports your compliance with your duties under GDPR, which are risk-based, through highly customisable risk assessments (link to GDPR risk drivers).

GDPR is not a prescriptive standard with a binary compliant/not compliant measure, but is based on risk assessment, which should be documented (see GDPR risk drivers [link])

Easy to adopt

Flows uses clever responsive forms to ensure your users are only ever presented with questions that are relevant to them, based on their answer to the previous question. Regardless of how complex the scenario, your users are guided by you and supported through the process with entirely customisable messaging to give the right answer.

Organisations and individual users personalise their views for easy switching between different lenses, e.g., Record of Processing Activity (GDPR article 30), duty of accountability (GDPR article 5), risk-based views (GDPR articles 24, 32, 39). [Linked]

