ALA (Association of Legal Administrators) 2018, 3rd-6th May (National Harbor, MD)
29 November 2017
17th Annual Champagne & Beaujolais Evening 2017
11 December 2017

GDPR and how our technology can help you with compliance

The General Data Protection Regulation (GDPR) enforcement begins 25th May 2018. We hope with this article we can help our users understand the GDPR and how software and solutions they already use can help them comply.

Here are some facts

  • On 27th April 2016 it was passed that the GDPR would replace the EU Data Protection Directive.
  • GDPR enforcement begins 25th May 2018.
  • Protecting the rights of a persons personal data and how it is processed is key to GDPR compliance.
  • The GDPR is designed to protect residents of the EU from fraudulent use of personal data. Over 113 million personal records have been stolen since 2013 in the UK alone, which shows you how big of an issue it is.
  • Over 60% of customer information is stored in business documents, which means they are likely to contain personal data protected by GPDR.
  • Failure to have in place accountable and provable processes, procedures and protection for personal data can result in failure of compliance
  • The GDPR applies to entities inside and outside the EU that process the personal data of persons in the EU.
  • The GDPR imposes fines of up to €20,000,000 or 4% of revenue, whichever is highest, for violations of its regulation.
  • The GDPR applies not only to data stored electronically, but also all information stored in hardcopy files and prints.
  • No one product or solution can make your firm GDPR compliant.

What information does GDPR apply to

  • Personal Data -The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified. This definition provides for a wide range of personal identifiers to constitute personal data, including name, email, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria.
  • Sensitive Data  The GDPR refers to sensitive personal data as “special categories of personal data” (see Article 9). The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual.

Questions to ask yourself  

  • Where do you store your electronic documents and are they secure when at rest or in transit?
  • Do you still have lots of paper documents that may contain personal data?
  • Are they in a format so you know what’s in the contents of all these documents and they are fully searchable?
  • How often is paper left unattended at a printer that could contain personal data?
  • How many copies of a document exists and who copied or printed it?

How can the products you use help with compliance

Here is a brief run down on how our product portfolio can help with compliance.

  • Hubshare (extranet & secure file sharing platform)
    • Hubshare is designed so all documents and information are kept secure and private giving you a central portal to store information on how personal data is managed and used. It is also a central place to manage and log data breaches, track staff training on GDPR and manage change control with our projects module.
    • Your documents and data are encrypted both in transit and rest giving users a secure area to exchange documents, when in the office or on the move, containing personal information instead of emailing them.
    • You will need to be updating your contracts and processes to make them GDPR compliant, so Hubshare provides a perfect place to manage these with version control.
    • A full audit trail allows you keep up to date with where your files have been and reside.
    • Advanced rights management within the platform helps manage the security of who can see what personal data.
    • Hubshare offers the ability to easily demonstrate that you have a solution that supports your companies GDPR compliance.
  • NetDocuments (document management system)
    • NetDocuments meets the GDPR security requirements for Processors (article 28) through a comprehensive security infrastructure.
    • NetDocuments enables customers to accurately control how long to retain documents, how to manage documents, and how to store and transmit documents securely.
    • NetDocuments is designed and operated so that all documents stored are kept private and secure, both in transit and rest.
    • This and many other features in NetDocuments make this a service for you to comply with many GDPR requirements.
    • For more GDPR information directly related to NetDocuments get in contact with us.
  • Copitrak (Tracking & Follow me print)
    • Protects the authorisation of copying and printing as well as keeping it secure. This is a pre requisite for the monitoring of unauthorised access and being accountable as required by the GDPR.
    • Never leave unattended printed emails that contain personal information on a printer again – get a follow me print solution.
  • eCopy Sharescan & Copitrak Scan (scan workflow)
    • A powerful OCR engine is key to GDPR, making all your paper document searchable electronic documents as well as converting those image based PDF’s such as passport scans to searchable files.
    • Secure scan routing is perfect for getting paper to digital in a searchable format and make it easier to securely transport files to comply with GDPR requirements.

For more GDPR information directly related to NetDocuments and/or Nuance products, get in touch contact with us

If you want to read the GDPR report in full visit the official site