At Foxit, we are already working with dozens of customers in helping them achieve full GDPR compliance before May 25th. If your document management system needs to be reviewed because of new regulation, consider the possibility of getting Foxit’s help.
What Is GDPR?
On May 25, 2018, the General Data Protection Regulation (GDPR) will be implemented across Europe and any companies who have customers in any EU country. This regulation will impact how companies collect and process data from individuals who live within the EU. If you are unsure about how GDPR will affect your business, read more on the official GDPR website.
New Requirements under GDPR
Under new EU regulations, anyone within the EU that you store personal information about (clients, prospects, even your own employees) can ask for a full report of every piece of information you have on them which they should receive in 30 days or less. Personal information is any information that can identify a person, e.g. Name, Address, Email, etc.
Regardless of the size, location or type of business you have, if you have personal information about a citizen within the EU, you need to abide by GDPR. You must carry out a Privacy Impact Assessment (PIA) on all systems that hold sensitive information about a person to ensure that it is safe and secure, and also easily supplied to the person if requested.
Getting ready for GDPR
Every company is different but processes can be streamlined. Below we have created an example process that sums up how PDF technology can ensure your document management system complies with GDPR by May 25th.
Before May 25th
- Audit the way you treat customer data within your document management and archiving systems. Can you easily find, edit, redact or delete that information?
- Leverage PDF metadata within your document system so that personal information can be easily found in files
- Carry out a PIA on this system to ensure personal information is not compromised at any stage of the process
After May 25th – A practical case
- A data subject requests deletion of their information
- Your data officer receives this request and starts to identify the data subject’s personal information within the company’s CRM, document management system, invoicing system, ERP, even email inboxes.
- Using Full-Text Search you can identify information within all PDF documents
- Using redaction, you can delete personal information from said documents
- You send confirm and selected screenshots as proof that you have removed the data subject’s personal information from your systems
Is your company GDPR-ready?
Foxit’s GDPR Solution
|If a customer requests proof of all their information you hold, you need to be able to search all your documents for references to that customer quickly and easily. Using full-text search across all your documents, every PDF document can be scanned for instances of a word or snippet of text, cutting out the need for manual searching. This quick process is even successful in searching for special characters within documents.|
|With PDFs, companies can set the metadata behind documents to make files easier to categorize and search. For instance, each data subject’s profile in your database will have a uniquely identifiable code that can be added to document metadata when personal information is present. Once information is requested, a company can search for the unique code which will pull any documents that hold data from that customer in a matter of seconds.|
|Redaction is a great tool to censor or obscure information in an otherwise important document. It allows you to edit a document without altering the authenticity of it. If a data subject asks for their information to be deleted from your systems, you can easy redact information in contracts, invoices
|PDF is the most secure file format in the marketplace, so why wouldn’t you want to use it to archive your documents? Not only is it secure but a specific PDF type, known as PDF/A, holds an ISO Standard to ensure all important information regarding how to render document is included before archiving so it looks the same as the original in the future and on any system. If that is not safe and secure, we don’t know what is.|
Document Protection with GDPR in Mind
The media have talked about GDPR to death but not from a document management perspective. Discover how to protect personal information within PDF documents
Why PDF is your GDPR Solution
We are actively working with key enterprise companies to create a custom GDPR Solution that can help you become GDPR compliant. Find out more today