Sink or Swim: Why IT managers can't ignore the EU's new data deletion directive
Recently the EU introduced the Revised Data Protection Act that's making waves, especially for Small and Medium Enterprises (SMEs). Timely data deletion, in particular, is emphasized, meaning data should not be retained beyond its legitimate purpose.
Until now, most EU companies have focused on retention, however deletion was not mandatory, and thus, was often neglected. This change has made policies and processes for data retention and also for deletion crucial.
Here are some primary steps enterprises should consider for compliance:
Internal Directives and Processes
Timely Data Deletion: Implement regulations for data deletion. Data shouldn't be retained longer than necessary. Establish clear policies and processes for data retention and deletion. Proper classification and records management tools are becoming vital to keep effort of staying compliant reasonable.
Data Governance Policy: Enterprises should document their principles regarding personal data handling in an internal directive, such as a Data Governance Policy. Documenting is good as long as it is implemented. With proper Records Management software you can automate your retention and disposition policies – easy and transparent for end users.
Employee Training: Conduct regular training for employees to ensure they understand and adhere to the data protection measures in place. Even with automated classification in place, ownership over the data is with people. Understanding the requirements and handling is crucial.
Solution Idea
Data Governance Policy: OpenText Content Suite provides a centralized platform to create, manage, and access company-wide data policies. This facilitates documenting principles regarding personal data handling seamlessly and included enhanced records management capabilities to automate retention, disposition and legal holds on records
Central Storage: OpenText Extended ECM for SAP or OpenText Extended ECM Microsoft O365 streamlines data access request management, ensuring businesses can efficiently handle, track, and respond to data requests. One source of truth, avaliable in multiple application.
SAP Data Archiving is specifically designed for SAP systems, it helps in archiving older SAP data that can be removed from the live environment, ensuring the data is not retained beyond its purpose. It not only reduces the costs of using memory, but also helps with compliance.
Information Obligations
Data Acquisition: Now, with every collection of personal data, the concerned individual must be informed in advance about the usage of their data. This includes its purpose, any third-party or overseas transfers, retention duration, their rights, and contact details. Existing privacy statements might need updating or new ones to be created.
Consent Management: In specific cases, such as collecting particularly sensitive data or email marketing, consent from the concerned individual may be required. It's essential to have a consent management system, ensuring that withdrawal of consent can be efficiently managed.
Solution idea
With OpenText Core Signature, businesses can obtain and manage electronic consents efficiently, ensuring regulatory compliance for data collection.
Enterprise Content Management (ECM): key to navigating the revised data protection act.
ECM plays a pivotal role in managing data efficiently, keeping records organized, and making deletion more systematic and compliant with the law. The modern ECM system aids companies in tracking, managing, and deleting data as per the stipulated guidelines.
Here's how ECM can help:
Data Mapping: ECM helps businesses know where their data is, making it easier to access, manage, and, if necessary, delete.
Records Management: With ECM, companies can define clear policies for data retention, ensuring they're not retaining data longer than necessary.
Automated Deletion: Modern ECM solutions can automate the data deletion process based on the policies set, ensuring compliance without manual oversight.
Audit Trails: ECM provides a clear record of what data was accessed, modified, or deleted, making it invaluable for businesses that need to prove compliance.
Discover more
With the Revised Data Protection Act emphasizing timely data deletion, the role of Enterprise Content Management has never been more crucial. Our comprehensive suite of services provides the essential foundation for success.
Enterprise Content Management Strategy & Pre-Study evaluates your current infrastructure, laying the groundwork for a seamless integration with the new directives.
Program & Project Management ensures timely and within-budget project completion, tailored to the unique needs of your enterprise.
With Solution Design & Implementation, we don't just offer tools; we fully implement solutions that are compliant with EU standards, ensuring your organization remains ahead of regulatory challenges.
And, our commitment doesn't end post-implementation. With Ongoing Support & Managed Services, we ensure consistent alignment with regulatory updates, providing you the peace of mind to focus on what you do best.
You might also find this interesting
-
The Ultimate Guide to Document Management: How to Streamline Your Business Processes
-
5 most burning questions about Enterprise Information Management
-
Discover SAP Data Archiving for your large SAP Databases