At Foxit, we work with dozens of customers in helping them achieve full GDPR compliance. If your document management system needs to be reviewed because of new regulation, consider the possibility of getting Foxit’s help.
What Is GDPR?
On May 25, 2018, the General Data Protection Regulation (GDPR) was implemented across Europe and any companies who have customers in any EU country. This regulation impacts how companies collect and process data from individuals who live within the EU. If you are unsure about how GDPR will affect your business, read more on the official GDPR website.
We work with many enterprise customers to ensure that they are GDPR compliant in their document management. If you are unsure how your document management system will hold up, fill in our contact form at the bottom of our page and a senior member of our team will get in touch to discuss your options.
New Requirements under GDPR
Regardless of the size, location or type of business you have, if you have personal information about a citizen within the EU, you need to abide by GDPR. You must carry out a Privacy Impact Assessment (PIA) on all systems that hold sensitive information about a person to ensure that it is safe and secure, and also easily supplied to the person if requested.
GETTING READY FOR GDPR
Every company is different but processes can be streamlined. Below we have created an example process that sums up how PDF technology can ensure your document management system complies with GDPR.
- Audit the way you treat customer data within your document management and archiving systems. Can you easily find, edit, redact or delete that information?
- Leverage PDF metadata within your document system so that personal information can be easily found in files
- Carry out a PIA on this system to ensure personal information is not compromised at any stage of the process
After Preparation – A practical case
- A data subject requests deletion of their information
- Your data officer receives this request and starts to identify the data subject’s personal information within the company’s CRM, document management system, invoicing system, ERP, even email inboxes.
- Using Full-Text Search you can identify information within all PDF documents
- Using redaction, you can delete personal information from said documents
- You send confirm and selected screenshots as proof that you have removed the data subject’s personal information from your systems
Is your company GDPR-ready?
A Privacy Impact Assessment (PIA) essentially is carrying out a risk assessment of the proposed processing of personal data. There is a high risk to personal information if your company is processing it. A PIA gives you a complete view of the risk and possible steps to make processing more secure for data subjects. This assessment needs to be carried out as part of GDPR preparation to ensure a seamless process.
Foxit’s GDPR Solution
Full Text Search
If a customer requests proof of all their information you hold, you need to be able to search all your documents for references to that customer quickly and easily. Using full-text search across all your documents, every PDF document can be scanned for instances of a word or snippet of text, cutting out the need for manual searching. This quick process is even successful in searching for special characters within documents.
With PDFs, companies can set the metadata behind documents to make files easier to categorize and search. For instance, each data subject’s profile in your database will have a uniquely identifiable code that can be added to document metadata when personal information is present. Once information is requested, a company can search for the unique code which will pull any documents that hold data from that customer in a matter of seconds.
Redaction is a great tool to censor or obscure information in an otherwise important document. It allows you to edit a document without altering the authenticity of it. If a data subject asks for their information to be deleted from your systems, you can easy redact information in contracts, invoices and other documents while still retaining the valid legal documents for future proof of business, with just a click and drag of a mouse.
PDF is the most secure file format in the marketplace, so why wouldn’t you want to use it to archive your documents? Not only is it secure but a specific PDF type, known as PDF/A, holds an ISO Standard to ensure all important information regarding how to render document is included before archiving so it looks the same as the original in the future and on any system. If that is not safe and secure, we don’t know what is.
Document Protection with GDPR in Mind
The media have talked about GDPR to death but not from a document management perspective. Discover how to protect personal information within PDF documents
Why PDF is your GDPR Solution
We are actively working with key enterprise companies to create a custom GDPR Solution that can help you become GDPR compliant. Find out more today