Brief explanation of GDPR
The General Data Protection Regulation (GDPR) affects every company that handles the personal data of European Union citizens. It affects the way businesses in the UK collect, use and store personal data and large penalties are enforced on organisations that fail to comply.
File Director is an electronic document management system which can help organisations become compliant, by not only securing personal and sensitive documentation, but by applying built-in rentention control to the data. With the addition of reporting on the retention controls, organisations can show proof of compliance.
Quick and secure access to personal data
At the point of scanning key index fields can be collected from a document, information such as order numbers and dates as well as personal information such as D.O.B, names and addresses can all be indexed to allow easy but secure access to customer documents. One requirement of GDPR is that organisations must provide all personal data stored on a EU citizen when requested to do so. In GDPR this is defined as a subject access request policy and procedure and must be completed within 30 days from when the request is submitted. FileDirector makes this easy by allowing hundreds of documents to be compiled through simple use of index fields which can then be sent to the person making the request.
Monitor control and access revisions
Part of GDPR is that organisations who store data only use them for the purposes they were collected for, additionally personal data should only be shared within the organisation to those that require access to it. FileDirector allows you to assign individual users or departments into groups giving them certain privileges to view or edit certain documents. Controlling access within File Director like this also lowers the chances of a catastrophic data breach. GDPR dictates the ICO must be informed of a data breach within 72 hours and also any customers affected must also be contacted without undue delay. In the unlikely event that a data breach does occur FileDirector can help streamline investigations with its revision and access control features allowing you to monitor who has accessed documents and what changes have been made.
File Director Web Interface
When it comes to fulfilling a subject access request under GDPR, File Director has a build in web interface which allows documents to be shared securely through an online portal. This can be placed on a company website and accessing the required documents would just be a case of sharing a one time use login with the person making the request and uploading their documents for them to access. When fulfilling a subject access request under GDPR the documents could be sent by post and email however this is much less secure, more costly and is not a good long term solution for sharing thousands of documents.