Is your company prepared to achieve GDPR compliance?

For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a regulation intended to strengthen and unify data protection for all individuals within the European Union.
It becomes enforceable on the 25th of May, 2018.

This means that there are certain types of privacy data that this regulation aims to protect, such as:

  • Basic identity information, for instance name, address and ID numbers;
  • Web data such as location, IP address, cookie data and RFID tags;
  • Health and genetic data;
  • Biometric data;
  • Racial or ethnic data;
  • Political opinions;
  • Sexual orientation
       
What is expected from a CMS/BPM in this area?
This regulation covers several topics.  We will focus in two of those in this article: Archive / Purge and Individual Rights.
 
Archive/Purge

Any information system that stores data should have the capability to define retention periods, both for archive and purge, which means that data has a Time to Live [SP1] that is configurable according to the type of data in question. For example, job applications often generate the storage of personal sensitive data. For this type of information there are laws that define the maximum time that a company can keep this information. On the other hand, there is data from employer records that should be kept for a different period of time. An information system should be able to define these periods and archive or purge data when the deadline arrives.
 

Individual Rights

In order to respect individual rights, an information system should allow anonymization of data, applying a non-reversible encryption.
Hereupon, this anonymization should be designed according to the type of data that we are dealing with. For example, if an employee invokes the "Right to be forgotten", his employer should have the capacity to do so by anonymizing all the stored employee's sensitive data. This does not mean that all data should be suddenly erased, because there is a professional history that should be kept, but all references to that employee should be masked in order to become impossible for anyone to discover that the stored data is from that person.

Although these topics seem simple, they can raise many problems for current information systems that are not prepared to deal with these new regulations and that is why, since early 2017, the demand for Information Systems that can effectively address GDPR compliance has increased.

Scriptor Server is already ready for this change as we have been working in order to give Information Managers the tools they need to implement data protection in their organizations, starting now!
Rui Estêvão
Scriptor Server Product Manager
Articles from Rui Estêvão

For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a...

Rui Estêvão
Scriptor Server Product Manager

Did you know that Scriptor Server 10, has a new homepage that can be fully customized?

Rui Estêvão
Scriptor Server Product Manager

Content creation and delivery in digital format has been a challenge since the beginning of the digital...

Rui Estêvão
Scriptor Server Product Manager

Scriptor Server helps you manage large amount of information increasing your profitability.

Rui Estêvão
Scriptor Server Product Manager

New system present in toolbar improves project management and communication with customer.

Rui Estêvão
Scriptor Server Product Manager

Save time when importing and exporting information.

Rui Estêvão
Scriptor Server Product Manager
Last articles

Nowadays, the need to boost sales plays a central role in the minds of many entrepreneurs and managers....

Pedro Seabra
CEO, Partner and Co-founder

Have a team available to work focused on results, build processes in a progressive way and put quickly...

Pedro Seabra
CEO, Partner and Co-founder

Empower the team and give them the best tools. Preserve the organizational knowledge and business...

Pedro Seabra
CEO, Partner and Co-founder

Centralising, tracking and managing your information flows

Tell us your needs