Organisations can use the OnBase enterprise information platform to create solutions that support their GDPR compliance initiatives. A variety of out-of-the-box functionality, flexible configuration options and built-in security controls offer the agility needed to help navigate the changing data privacy landscape.
OnBase helps organisations support their GDPR compliance initiatives, including:
- Security and data protection: GDPR requires companies to take reasonable data protection measures for sensitive and personal information. The OnBase platform is highly secure by design – from development to post-launch support – with a dedicated application security team that continuously enhances and improves security protocols. Together with powerful encryption, our security practices ensure critical information like personal data and documents are protected at every state: while at rest, while in use and while in transit between servers. Built-in features like strict password policies and granular rights management provide control over exactly who can access information and what they can do with it.
- Right to erasure and records management: Organisations can use OnBase to uphold individual privacy rights by securely storing, protecting and destroying information. This supports GDPR privacy mandates, such as an individual’s right to have their data erased (‘right to be forgotten’). Using pre-defined rules, OnBase can fully automate the records management process, from document creation to record declaration through final disposition/removal. Streamlining the retention and destruction of documents containing personal data enforces corporate policies while minimising or eliminating penalties associated with accumulating expired records. Organisations can set retention time periods based on regulatory requirements or automatically trigger disposition based on a specific event or request.
- Streamlined compliance-related processes: With configurable workflow automation and case management functionality, you can improve GDPR compliance-related processes. These include tracking information about archived documents; providing reminders of upcoming audits; processing the steps to obtain consent and fulfill the ‘right to be forgotten’; and notifying appropriate parties of security breaches or data loss. Solutions can be designed to track registration of controls, audits, results, deviations and corrective actions, with reporting dashboards for insight into these areas to continuously improve. OnBase can also help organisations manage internal policies and procedures that support GDPR. With automatic distribution of policies, digital confirmation by recipients and reports of acknowledgments and delinquencies, organisations ensure employees are trained on the latest data privacy standards.
- Data management and findability: GDPR requires organisations to securely and efficiently manage individuals’ sensitive and personal data – and the ability to produce specific data on demand to fulfill a request is key. OnBase enables organisations to tag content with related metadata. Information can be stored alongside the document itself and used to dynamically link all related content – equipping users to quickly find all information for a particular customer, case, incident or request.
- Auditability and reporting: Assisting organisations in working toward GDPR compliance and preparing for audits, OnBase logs every time a user accesses, views, edits or acts on a document or data record. Authorised executives and managers have access to review audit logs to ensure anyone accessing personal information is following organisational or industry standards. Audit information can even be made available to external auditors via a secure website, helping to avoid costly penalties, streamlining audits and supporting corporate and industry compliance measures.
Article content courtesy of Hyland.