Skip to the main content

0344 863 8000
Sign up for our Newsletter
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon

Your Data Matters: How will your organisation handle a GDPR query?

Your Data Matters: How will your organisation handle a GDPR query?

The upcoming General Data Protection Regulation (GDPR) legislation presents particular challenges when it comes to managing Subject Access Requests (SARs) and Right to Erasure (“Right to be forgotten”/RTBF) requests. These requests allow an individual to access and delete personal data held about themselves.

And with the launch yesterday of the Information Commissioner's Office (ICO) 'Your Data Matters' campaign targeting the general public, the question is, just how will your organisation respond to these requests without distracting from their core business or compromising on their compliance to the more stringent regulation?

Both these requests will represent a significant challenge in terms of consistently and reliably locating personal information and responding within the timeframes required under the regulation. Think of all the paper filing, archive, databases, systems, email and discs that would be need to be checked!

In a perfect world, an automated solution would access all the relevant personal data within a digital system with zero paper. However, this would mean that all systems that hold data such as HR, and CRM databases would need to be accessible; all personal data would then need to be retrieved, deleted or redacted as required. The specification for such software would be very high for this to happen, for example, language processing capability identify relevant references.

Also, the filing of documentation would need to be flawless with accurate classification of documents making retention policies easy to administrate.

In reality, very few organisations operate in a true paperless fashion and systems can be diverse, fit for their original purposes and not set up for compliance readiness.

The recommended solution for most organisations is to use process automation software to manage a series of manual operations effectively. This can be achieved with Arena’s mstore software platform that can provide effective ways of managing your SAR and RTBF requests, and also deliver system integration, retrievability, security, redaction and document retention amongst a host of other business benefits relating to compliance and efficiency.

mstore also provides reporting on compliance tasks in progress, a list of completed requests and critically, an audit trail of each action, by system user and date/time equipping your organisation to be GDPR ready.

An overview of how Arena’s mstore platform can help you get to grips with the GDPR will be provided in our free webinar ‘Managing and leveraging customer data under the GDPR: your questions answered’. Delivered with legal partners, 3Volution, the webinar is also designed to provide answers to your outstanding queries about managing customer consent.

Sign up for free here.

Note: Nothing in this blog should be construed as legal advice or otherwise relied upon as formal best practice.

Expert News | Blog

View all news

© 2018 Arena Group Ltd | Cookies & Privacy | Terms of use | Web design by eskimosoup | Accessibility

The Arena Group comprises: Arena Group Holdings Limited, a company registered in England and Wales (with registered company number 03735943 and VAT number 734562528) and its subsidiary company: Arena Group Limited a company registered in England and Wales (with registered company number 02168309 and VAT number 458238033). The Registered office of all Arena Group companies is Armitage House, Thorpe Lower Lane, Robin Hood, Wakefield, WF3 3BQ. Authorised and regulated by the Financial Conduct Authority for credit-related regulated activities.