Is your company prepared to achieve GDPR compliance?

For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a regulation intended to strengthen and unify data protection for all individuals within the European Union.
It becomes enforceable on the 25th of May, 2018.

This means that there are certain types of privacy data that this regulation aims to protect, such as:

  • Basic identity information, for instance name, address and ID numbers;
  • Web data such as location, IP address, cookie data and RFID tags;
  • Health and genetic data;
  • Biometric data;
  • Racial or ethnic data;
  • Political opinions;
  • Sexual orientation
       
What is expected from a CMS/BPM in this area?
This regulation covers several topics.  We will focus in two of those in this article: Archive / Purge and Individual Rights.
 
Archive/Purge

Any information system that stores data should have the capability to define retention periods, both for archive and purge, which means that data has a Time to Live [SP1] that is configurable according to the type of data in question. For example, job applications often generate the storage of personal sensitive data. For this type of information there are laws that define the maximum time that a company can keep this information. On the other hand, there is data from employer records that should be kept for a different period of time. An information system should be able to define these periods and archive or purge data when the deadline arrives.
 

Individual Rights

In order to respect individual rights, an information system should allow anonymization of data, applying a non-reversible encryption.
Hereupon, this anonymization should be designed according to the type of data that we are dealing with. For example, if an employee invokes the "Right to be forgotten", his employer should have the capacity to do so by anonymizing all the stored employee's sensitive data. This does not mean that all data should be suddenly erased, because there is a professional history that should be kept, but all references to that employee should be masked in order to become impossible for anyone to discover that the stored data is from that person.

Although these topics seem simple, they can raise many problems for current information systems that are not prepared to deal with these new regulations and that is why, since early 2017, the demand for Information Systems that can effectively address GDPR compliance has increased.

Scriptor Server is already ready for this change as we have been working in order to give Information Managers the tools they need to implement data protection in their organizations, starting now!
Rui Estêvão
Scriptor Server Product Manager
Articles from Rui Estêvão

For those unfamiliar with the concept, GDPR stands for General Data Protection Regulation which is a...

Rui Estêvão
Scriptor Server Product Manager

Did you know that Scriptor Server 10, has a new homepage that can be fully customized?

Rui Estêvão
Scriptor Server Product Manager

Content creation and delivery in digital format has been a challenge since the beginning of the digital...

Rui Estêvão
Scriptor Server Product Manager

New system present in toolbar improves project management and communication with customer.

Rui Estêvão
Scriptor Server Product Manager

Save time when importing and exporting information.

Rui Estêvão
Scriptor Server Product Manager
Other articles

Long before Netflix was a reality in Europe, Scriptor Server had already been proving itself in the...

Susana Palma
Marketing Manager

Scriptor Server is an indispensable tool that allows companies to transform complex data into an...

Susana Palma
Marketing Manager

The 360 evaluation solution allows managers to evaluate their teams' performance in an easy, agile and...

Susana Palma
Marketing Manager

Through Scriptor Server, ViaTecla created a fully modular and configurable intranet, dedicated...

Susana Palma
Marketing Manager

REN's newsletter "EmRede" is now more digital, with an easier navigation and sent automatically through...

Susana Palma
Marketing Manager