LEM needs a trusted third party

The success of a company depends on the extent to which it succeeds in connecting with target groups. Knowing the partners with which business is done is a condition of keeping operational costs manageable. It is therefore essential for the continuity of the business that a company exchanges reliable company and personal data with its partners. In exchange for this data, a company will comply with legal obligations.

With the advent of the GDPR, persons have regained control of their data. Companies cannot simply continue to process “their” personal data. They will have to make agreements with persons about the processing of their data. Also, a company also wishes to control company data. Especially when it comes to strategically essential data, such as confidential company data, a company wishes to exercise control over by making enforceable agreements about the processing of company data.

Basic Legal Enitity Management

MYOBI helps companies on the Trust Network with an Information ecosystem, of which LEM is a part, to manage company and personal data.

Bilateral agreements between the parties on the processing of company and personal data, which are also workable, are no longer possible. The differences in data definitions alone and the disproportionately high management costs create blockages. A trusted third party (TTP) offers solace. MYOBI fulfils the role of the trusted third party and maintains the TTP policy; an arrangement to which all users of the Trust Network conform.

Based on the TTP policy, MYOBI undertakes to deal with the following matters:

  1. Maintaining data definitions and company data available from authentic sources (e.g. Dutch Chambers of Commerce) on the Trust Network in the company user’s Information Ecosystem;
  2. Authentication of the identity of companies and persons (certainty about “who is who”), electronic signatures on the trust network and notarising documents;
  3. Company user manages its business data using the Information Ecosystem. These include:
    • Formal business data that allows the user to compose corporate families for, for example, commercial, tax, banking objectives or data protection; and
    • Functional company data that enables a user to build organisational units, departments, and roles from a formal entity.
  4. The users control and direct the processing of their data. A company user indicates which data set may be shared with specific target groups under what conditions. MYOBI enables Smart contracting in the Information Ecosystem with a contract portfolio consisting of consent and processing agreements;
  5. Apply Accountability. Companies that use the Trust Network are accountable for their compliance with legal and contractual obligations focused on data protection and information security. This gives the Trust Network more certainty about the reliability of company and personal data. MYOBI enables the Information ecosystem with Smart compliance;
  6. Enable mediation driven dispute resolution. Rules of Mediation is part of TTP policy, and the contract portfolio bears documents for supporting a process of mediation; and
  7. Training opportunities for employees.

The facilities provided by the MYOBI Trust Network to users will grow depending on changes in the law and requests from users. MYOBI is organised well, also complies with the TTP policy and is responsible for the legal and contractual (including the TTP policy) obligations to society.

Operational

After signing the TTP policy, a company gets access to an Information Ecosystem in which LEM is included. The employee with the role LEF Manager maintains the internal company data. The employees with the role business coordinator conclude agreements with partners (e.g. customers, employees and suppliers) consent and or processing agreements.

A formal and functional structure grows. The formal or legal structure consists of a holding company and entities. Each entity has organisational units, and an organisational unit has departments, and a department has roles. We call this the functional structure of the organisation.

In the figure below, the formal and functional hierarchical structures are elaborated. There are formal roles that are regulated in the law (regulatory obligations). Consider, for example, the roles of the board, the supervisory board or the data protection officer.

The formal and functional hierarchical structures

MYOBI connects a person to a role of the company’s Information Ecosystem if MYOBI has completed the authentication of a person’s identity, and authentic sources (e.g. the Dutch Chambers of Commerce) show that the person is the company’s representative. The representative then assigns roles, and thus tasks, powers and responsibilities, to employees.

The role business coordinator has the authority to start processes. So also processes for countering, in particular processes aimed at controlling and directing the company and personal data. MYOBI facilitates these processes with Smart contracting and a contract portfolio with the following contract types:

  1. TTP policy, the mores on the Trust Network; and
  2. TTP policy-driven a set of consent and processing agreements aimed at controlling and directing the company and personal data.

By using this contract portfolio, the company builds and maintains its own Information ecosystem.

Standardisation Board

MYOBI has a Standardisation Board (SB) which, under the operation of the TTP policy, is responsible for formulating, managing and implementing data definitions on the MYOBI Trust Network. The goal is to ensure semantic data interoperability or data operability on the Trust Network.

Unlock data from several sources

MYOBI uses data from authentic sources. MYOBI makes agreements about automated exchange of data with as many authentic sources as possible. MYOBI makes agreements with as many suppliers of business systems as possible about automated exchange of company and personal data

Act in accordance with the TTP policy

Each user agrees to the TTP policy and concludes agreements with partners on the processing of company and personal data. The agreements consist of rights that can be exercised, and obligations that must be fulfilled. MYOBI helps companies comply with legal and contractual obligations through the Accountability Policy that includes the TTP Conduct of Conduct GDPR.

Dispute resolution

MYOBI is committed to avoiding issues between parties. In the event of disputes, MYOBI helps parties effectively, quickly and cost-effectively resolve the conflicts with mediation. MYOBI includes in the TTP policy the Rules of Mediation and prepared the contract portfolio with documents for mediation. The Business Coordinator can start a process of mediation with a partner.

Service desk and professional support

MYOBI has set up a decisive service desk. All users have access to a self-service desk, the users can by MYOBI messaging ask questions and the service desk will respond, and if necessary, the service desk can be consulted by phone during business hours (from Monday – Friday from 9:00 – 17:00).

Being able to direct company and personal data is a reason for LEM’s application. Other reasons may be tax issues, banking or business matters. Sometimes the knowledge may not be present to build the company LEM adequately. It can also happen that a company does not have LEM capacity, and yet it needs to steer the business activities. For all these situations, a company can make use of the training opportunities or ask a professional/consultant to provide a solution.

A trusted network is necessary for the exchange of personal and company data under the direction of the owner. With the advent of the GDPR, people have regained control of their data. Companies cannot continue processing “their” personal data. They will have to make agreements with persons about the processing of personal data. Also, a company wishes to exercise control over company data. Indeed, if it concerns strategically essential data, such as secret company data, a company wants to exercise control by making enforceable agreements about the processing of this data.

Bilateral agreements between parties about processing data, which are also workable, are no longer possible. The differences in data definitions and the disproportionately high management costs alone create blockades. A trusted third party (TTP) offers relief.

MYOBI fulfils the role of a trusted third party. It facilitates users to apply the TTP policy with:

  1. Making data definitions and company data available from authentic sources (eg Chambers of Commerce) on the trusted network in the information ecosystem of the company user;
  2. Authentication of the identity of companies and individuals (certainty about “who is who”). Electronic signatures and notarizing documents;
  3. Managing your own company data using the information ecosystem for a company user. It concerns:
    • Formal corporate data that allows the user to assemble corporate families for purposes such as commercial, tax, banking, or data protection; and
    • Functional business data that allows a user to assemble organizational units, departments and roles from a formal entity.
  4. The possibility for users to exercise control over the processing of their data. For this, the company indicates which set of data (definitions) may be shared with certain target groups under which conditions. For this MYOBI provides the information ecosystem with a contract portfolio with management and processing agreements; and
  5. Accountability applications. Companies that use the trusted network are accountable for compliance with legal and contractual data protection and information security obligations. This creates more certainty on the trusted network regarding the reliability of the company and personal data.

The services that the MYOBI Trusted Network offers to a user will grow depending on changes in laws and requests from users.

MYOBI is well organised, itself also complies with obligations of the law, contracts and TTP policy and is accountable to society.