Companies across ANZ who provide services for, or do business with organisations in the EU that have come under Europe’s GDPR laws as of May 25, need to be aware of what the new rules mean for their business.
The governance of personal information will have to be scrutinised, and subject to new rules. The same goes for information that is sensitive or high-risk to an organisation or individual, it all must be carefully evaluated, and decisions made about the best practices for policing accessibility, data flow between servers, archiving and end-of-life policies.
A content services solution can help with many aspects of the GDPR rules, protecting data on the one hand while allowing access protocols to be applied at the same time as improving the flow of information within a company.
Organisations can use the OnBase enterprise information platform to create solutions that support their GDPR compliance initiatives.
A variety of out-of-the-box functionality, flexible configuration options and built-in security controls offer the agility needed to help navigate the changing data privacy landscape.
OnBase helps organisations support their GDPR compliance initiatives, including:
- Security and data protection: GDPR requires companies to take reasonable data protection measures for sensitive and personal information. The OnBase platform is highly secure by design – from development to post-launch support – with a dedicated application security team that continuously enhances and improves security protocols. Together with powerful encryption, our security practices ensure critical information like personal data and documents are protected at every state: while at rest, while in use and while in transit between servers. Built-in features like strict password policies and granular rights management provide control over exactly who can access information and what they can do with it.
- Right to erasure and records management: Organisations can use OnBase to uphold individual privacy rights by securely storing, protecting and destroying information. This supports GDPR privacy mandates, such as an individual’s right to have their data erased (‘right to be forgotten’). Using pre-defined rules, OnBase can fully automate the records management process, from document creation to record declaration through final disposition/removal. Streamlining the retention and destruction of documents containing personal data enforces corporate policies while minimising or eliminating penalties associated with accumulating expired records. Organisations can set retention time periods based on regulatory requirements or automatically trigger disposition based on a specific event or request.
- Streamlined compliance-related processes: With configurable workflow automation and case management functionality, you can improve GDPR compliance-related processes. These include tracking information about archived documents; providing reminders of upcoming audits; processing the steps to obtain consent and fulfill the ‘right to be forgotten’; and notifying appropriate parties of security breaches or data loss. Solutions can be designed to track registration of controls, audits, results, deviations and corrective actions, with reporting dashboards for insight into these areas to continuously improve. OnBase can also help organisations manage internal policies and procedures that support GDPR. With automatic distribution of policies, digital confirmation by recipients and reports of acknowledgments and delinquencies, organisations ensure employees are trained on the latest data privacy standards.
- Data management and findability: GDPR requires organisations to securely and efficiently manage individuals’ sensitive and personal data – and the ability to produce specific data on demand to fulfil a request is key. OnBase enables organisations to tag content with related metadata. Information can be stored alongside the document itself and used to dynamically link all related content – equipping users to quickly find all information for a particular customer, case, incident or request.
- Auditability and reporting: Assisting organisations in working toward GDPR compliance and preparing for audits, OnBase logs every time a user accesses, views, edits or acts on a document or data record. Authorised executives and managers have access to review audit logs to ensure anyone accessing personal information is following organisational or industry standards. Audit information can even be made available to external auditors via a secure website, helping to avoid costly penalties, streamlining audits and supporting corporate and industry compliance measures.
The GDPR is aimed at protecting the rights of individuals, and holding companies accountable for the secure handling of their information. A modern content services solution will go a long way towards making that process easy and secure, potentially saving enterprise from the risk of breaching international laws.
Category: SoftwareCompany about: Hyland is a leader in providing software solutions for managing content, processes and cases for organisations across the globe. For 25 years, Hyland has enabled more than 15,500 organisations to digitalise their workplaces and fundamentally transform their operations. Named one of Fortune’s Best Companies to Work For® since 2014, Hyland is widely known as both a great company to work for and a great company to do business with. For more information, please visit Hyland.com