General Data Protection Regulation
Data protection compliant step by step
Since 25 May 2018, the EU-GDPR has been binding throughout the European Union. If you have not yet done so, create the conditions for full implementation, step by step and with a good plan and realistic solutions.
Here we have summarised the most important things for you and show you how document management makes your work easier.
The most important facts about the EU-GDPR at a glance
Four fundamental measures
Identify what personal data are located where in your company and how they are preserved or digitally stored.
Establish data models, automatic processes, and workflows in your IT systems which will put you in the position to be able to provide data subjects with information about what data are stored in your company and how. It must be possible to change, block or delete data in due time.
Implement data protection management for your company’s IT systems and control, for example, your access and authorization concepts and all other technical and organizational measures.
Last but not least, monitor the requirements of the EU-GDPR continually and carefully.
Have the data been lawfully collected, processed and stored? Are the data still “correct”? Is the original purpose still available? Is it possible to check who changed or accessed the data? You should be able to answer “yes” to all these questions.
The most important thing is the documentation of all your measures and procedures for handling personal data.
How do IT systems help you to be in compliance with the EU-GDPR?
Privacy by Design
Privacy by Design means data protection through technical design. In order to become or remain GDPR-compliant, you must migrate to a system which allows you to implement the requirements technically. Required processes (deletion periods, for example) must be already set up in the implementation phase so that you can maintain the guidelines as automatically as possible within the company.
Privacy by Default
Privacy by Default, on the other hand, describes the technological parameters of an IT system in its “delivery state”. It must not include any settings which violate data protection and which must later be painstakingly corrected. With EASY SOFTWARE, you can count on it. In short, introduce automated processes to your company with EASY.
Privacy by DesignGDPR-compliant with EASY SOFTWARE
Document management systems can help you, because they allow you to control where personal data are stored in your company and who has access to those data. With the right data model, you have quickly handled the “identification” step.
DMS systems can also help you to specify standard deletion periods in a short time. You can revise the deletion periods, which are set up individually, in the second step.
For example, our product EASY Archive Smart essentially permits GDPR-compliant operation. To do so, you make appropriate configurations – even later – to scenarios and connected IT systems in order to be able to archive personal data in compliance with the GDPR.