In April 2016, the General Data Protection Regulation (GDPR) was passed in the European Union (EU) and will be enforced beginning in May 2018. The intention of GDPR is to strengthen and unify data protection for all individuals within the EU. Most organizations that process personal data about EU residents (whether as customers, contractors or employees) will need to comply with the GDPR. Compliance will be a significant undertaking for most enterprises and failure to have a defensible approach may result in substantial penalties.
CIGNEX has built the strategy and road-map to deal with GDPR sensitive information specially for EU based organizations to help them in complying with the GDPR using Alfresco GDPR framework before May 2018 deadline.
Alfresco GDPR framework is not a solution but it is a model which offers a unique set of GDPR-specific services that address both the securing of GDPR- sensitive information, as well as GDPR- related processes that have been demonstrated using the below diagram
One of the primary requirements for every organization is to evaluate, revisit and potentially changing their existing policy or create a new policy when it comes to handling personal data. User Information has to be properly processed based on following stages – Authorization, Review, Approval and Certification. Alfresco has an out of the box feature – Audit Trail to capture the transactions of the each and every stage.
In order to protect the data that is HTTPR sensitive, Alfresco has created a model – GDPR Asset register in the framework which is based on metadata that allows collecting information specifically about the assets – A Unique ID, Who is the official owner, Which department it belongs to (Security Marks), whether it is encrypted or not, Risk profile based on severity - High, Low & Medium, Which territory or region the data needs to be contained within.
Organization can also ask individuals for consent and define – who has provided consent to use the data, when they have provided permission and when the same will be expired, date when the consent will be removed. Additionally, there is also parameter wherein authorized user can view/declare the reason of consent removal, when and who has removed the consent.
All the parameters ensure the security of the personal data and restrict it’s accessibility from anybody who has not authorized to access the information.
Please connect with us for a quick consultation to know how the capabilities of Alfresco GDPR framework will help your organization for GDPR compliance and to get support from CIGNEX to accelerate your journey.