GDPR; secure document management helps ensure compliance

GDPR, its implications and adhering to it have dominated the thoughts and actions of many a data security, marketing, operations or HR manager these past few years. It’s one of those things that can easily get confined to the ‘boring but important’ basket. But GDPR is very important – on many levels.

The Data Protection Act (2018) outlines the UK implementation of the EU’s General Data Protection Regulation (GDPR) legislation. In essence it’s a set of strict guidelines around the collection and management of personal data by businesses and organisations. It outlines how those responsible for storing, using and managing data need to follow what’s known as ‘data protection principles’. The objective is to ensure personal data and information is only used for legitimate, lawful purposes and that it’s used openly and fairly. Additionally, businesses storing personal information need to ensure it’s stored securely.

Despite the UK leaving the EU, GDPR has been retained in domestic law as the ‘UK GDPR’. The UK GDPR sets out seven main principles: Lawfulness, fairness and transparency; Purpose limitation; Accuracy; Storage limitation; Accountability; Data minimisation; Integrity and confidentiality (ie, security) and data minimisation. Now that the UK has left the EU the framework could be subject to a future review – though there are no indicators that this is likely to happen any time soon.

Secure, reliable ways to store data

With so many new rules, regulations and restrictions, organisations need tight processes to comply, or potentially risk expensive censure. It’s a complex task to manage effectively, especially using manual processes and systems. Reliable, secure alternatives to managing personal data manually are critical. But what should organisations be looking for in a data management solution? What criteria needs satisfying? They need solutions that:

1. Simplify the accurate and secure capture and storage of data.
2. Digitise and store legacy documentation.
3. Have an auto retention/data purging function – to ensure information is only held as long as required, and then deleted accordingly and appropriately.
4. Leave a clear audit trail – ideally with time-stamped activity, thus eliminating worry, time, costs and the risks associated with internal and external audits.
5. Have an easy search facility to find data and information.
6. Reduce carbon footprints.

The very act of eliminating paper and a paper trail is not only a significant timesaver but also means data is more secure – no more confidential documents left on photocopiers or files forgotten on public transport. There are obviously environmental benefits as well.

Document Manager

iTrent Document Manager meets these needs. In working with a customer recently, a weighty 12 million records were digitised – simply, safely and accurately – using iTrent Document Manager. This meant a significant saving in terms of office space and importantly, increased peace-of-mind regarding document storage.

MHR and DLX worked together to deliver and implement iTrent Document Manager at Queen’s University Belfast – an MHR customer for nearly 30 years. Our case study outlines what Queen's was looking for and the benefits enjoyed since implementing it.

GDPR – work with it

GDPR threw many organisations and businesses into varying degrees of turmoil when it was introduced. While some considered it a burden and focused on implementation costs, GDPR isn’t something you can rationally argue against. The protections it offers individuals are both important and reasonable. And it’s clear that it – or something very like it, even if the UK government reviews it in light of Brexit – is here to stay. Organisations are getting used to GDPR – but they shouldn’t be looking to manage even relatively modest amounts of data manually. Professional support, with added peace-of-mind, is available through the likes of iTrent Document Manager.