30 July 2018
Document management solutions provide:
What they are not necessarily capable of is identifying and separating personally identifiable information (PII) from everything else in each document.
Access
Processes must be implemented to grant or remove access to PII when staff join, move within or exit the company.
Encryption
To be compliant with GDPR, documents must remain encrypted whether stored in document management, in-transit, stored locally or when backed up for disaster recovery.
Remote Working
The use of personal equipment to store documents or public Cloud solutions create a potential exposure.
Breach Notification
If it can be proven that a document is encrypted, then the obligation to report a breach to the data subject is removed, however, the ICO must be notified within 72 hours of the breach becoming known.
Rights of the Data Subjects:
To find how our friendly and knowledgeable solicitors can help you, contact us today.
Make a free enquiry - Call now - 0151 659 1070