Is your company prepared to achieve GDPR compliance?
For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a regulation intended to strengthen and unify data protection for all individuals within the European Union.
It becomes enforceable on the 25th of May, 2018.
- Basic identity information, for instance name, address and ID numbers;
- Web data such as location, IP address, cookie data and RFID tags;
- Health and genetic data;
- Biometric data;
- Racial or ethnic data;
- Political opinions;
- Sexual orientation
This regulation covers several topics. We will focus in two of those in this article: Archive / Purge and Individual Rights.
Archive/Purge
Any information system that stores data should have the capability to define retention periods, both for archive and purge, which means that data has a Time to Live [SP1] that is configurable according to the type of data in question. For example, job applications often generate the storage of personal sensitive data. For this type of information there are laws that define the maximum time that a company can keep this information. On the other hand, there is data from employer records that should be kept for a different period of time. An information system should be able to define these periods and archive or purge data when the deadline arrives.
Individual Rights
In order to respect individual rights, an information system should allow anonymization of data, applying a non-reversible encryption.
Hereupon, this anonymization should be designed according to the type of data that we are dealing with. For example, if an employee invokes the "Right to be forgotten", his employer should have the capacity to do so by anonymizing all the stored employee's sensitive data. This does not mean that all data should be suddenly erased, because there is a professional history that should be kept, but all references to that employee should be masked in order to become impossible for anyone to discover that the stored data is from that person.
Although these topics seem simple, they can raise many problems for current information systems that are not prepared to deal with these new regulations and that is why, since early 2017, the demand for Information Systems that can effectively address GDPR compliance has increased.
Scriptor Server is already ready for this change as we have been working in order to give Information Managers the tools they need to implement data protection in their organizations, starting now!
For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a...
Did you know that Scriptor Server 10, has a new homepage that can be fully customized?
Content creation and delivery in digital format has been a challenge since the beginning of the digital...
Scriptor Server helps you manage large amount of information increasing your profitability.
New system present in toolbar improves project management and communication with customer.
Save time when importing and exporting information.
Yes, it´s a tough mission, but it doesn´t need to cause you a headache.
Of course there is a better way to do it.
Meet GESTIFIX - one of our dearest clients - and know more about how small and medium companies can...
