A Document Management System is a key tool for compliance with GDPR:
The General Data Protection Regulation (“GDPR”) has an enforcement date of 25 May 2018 thereafter those found not to be compliant face heavy fines.
This regulation effectively has two main themes
- Ethical use of data (specifically personal identifiable information “PII”)
- Secure handling of that data
The ethical use of data is addressed by the first five (of the six) principles along with the rights granted to individuals. Security is addressed by the sixth principle.
Compliance with the Regulation requires a “data custodian” mind set. Just because you hold the data, it does not belong to you. The GDPR is therefore effectively an End User Licence Agreement for the PII you hold on behalf of individuals.
The combination of this mind set and tools like Invu Document Management can help enable you to comply with GDPR.
Invu document management provides:
- Centralized and policy controlled business document store – Using strong metadata to identify the nature and sensitivity of the documents and manage their retention.
- Secure Storage – Policy driven controls to restrict access and actions enables only those who need to see the information to do so. Security can be further enhanced utilising Microsoft encryption.
- Fully Audited Access – All actions, including reads of a document, are fully audited which enables access reviews to be easily and effectively carried out.
- Organized structure – Organizing your documents with document types, metadata and folders provides a powerful and compliance focused way to manage your information. Truly link your data to people, clients and more.
- Powerful Search – A powerful and fast search engine, combined with automatic OCR ensures powerful search and mining of documents for rapid retrieval based on both metadata and/or the content.
- Document Retention – All documents can carry an expiry date driven by policy or business event. Expired documents can be removed from visibility and later expunged to comply with regulation.
Existing Invu document management users should:
- Know what you’ve got and where it is – discover Pll
- Keep only what you need – enable document retention
- Organize your structure for Pll protection by design – review and if necessary reconfigure their DMS structure
- Establish compliant access control – perform a Security Analysis and cosider enhancements
If you would like to find out more about how our Services Team can help you with GDPR fill out the form below.