3 Ways Content Services & ECM Can Help in Compliance
Presented by: Ephesoft
Presented by: Ephesoft
With the effective date for the new General Data Protection Regulation (GDPR) fast approaching, now is the time to put in a solid strategy when it comes to documents and images. Organizations not only need to implement process and procedure for handling private information, but also need a firm evaluation of “current state” to understand high risk areas of their business and their understand their exposure. Below are the four key steps, as outlined by Microsoft’s GDPR Strategy, and how you can incorporate a document-centric view within your plan:
Discovery will probably be the most challenging step when it comes to documents and GDPR. When it comes to the enterprise, the vast majority have a large number of document repositories. Just think of the modern workplace, and all the locations where documents reside:
The ability to crawl and identify high risk entities within these locations is critical for compliance. Here is a checklist of required functionality when in comes to a technical solution:
Once a GDPR document inventory is complete, and an organization understands their areas of document risk and exposure, a plan can be put in place to manage and govern the assets of their data subjects. This phase or step within your GDPR document strategy can include the following:
In the protection step, organizations need to put security controls on all documents deemed as high risk. But the protection step also requires thought on future documents, and protecting new private assets. As outlined in “Manage”, an effective document transport technology will identify and route newly ingested documents to a protected resting place. Organizations also need to implement real-time controls for high risk identification and classification. Here are some examples:
The new GDPR standard is all about accurate record keeping, which provides transparency and overall accountability. Knowing all the document types that can be classified as having personal information, and the processes around them, are critical to insure compliance. An audit of policies and procedures is sure to require records of document creation, or ingestion, how it was handled, and where it was ultimately placed under management. All of the technologies mentioned in this article have broad reporting and analytics capabilities.
With the complexities of GDPR, standard reporting wont suffice in most cases, and the ability to perform deep analytics to track and identify key data and documents will be a requirement.
Just a quick post on strategy for GDPR when it comes to the unstructured content that lives within documents. Let me know your thoughts on the topic.
As the looming deadline for GDPR approaches, companies are searching for solutions to address numerous challenges. One of the most difficult is historical digital documents. With most large, global organizations having at least 10+ repositories, how can you engage in efficient discovery to find high risk data in the form of documents? This video shows the power of Ephesoft’s GDPR Solution for Documents, Insight.