GDPR, the new EU data protection regulation, will be coming into effect on May 25, 2018.
And, if your organization deals with the personally identifiable information (PII – definition here) of EU citizens, you will come under the law’s remit—regardless of where your business is based.
So, if you haven’t started putting into place your strategy for compliance, start doing so immediately!
Complying with the new EU data protection rules will involve various changes to how businesses work, some major. Many organizations will have to hire a Data Protection Officer to independently ensure the business is following the rules by the book. Every business will have to set up a breach notification process and they will also have to implement a procedure to provide citizens with a right to be forgotten, among many additional processes.
Our teams at Nintex are currently on the road in Europe, hosting a series of roadshows demonstrating Nintex and our new platform, the Nintex Workflow Cloud.
We’ll be exploring how organizations of all sizes can deploy modern workflows which will help you comply with the new EU data protection regulations—in the meantime, let’s see how right here.
The EU Data Protection Rule is Really About Processes
The new EU data protection rules define how companies manage data in specific ways.
These new ways of managing PII will require companies to put in place complex processes in order to comply with the law. For instance, if you receive a request from a member of the public asking to view all the information you hold on them, the act of seeking that data out across your data repositories will, of course, require you to enact a process to complete the request.
So, if you need to collect information on your customers from across all these tools, you will need a consistent method for finding all of it.
And this is where we believe Nintex can play an ever more important role in helping companies comply with the EU data protection rules.
Connecting Data from Different Platforms
The Nintex Workflow Cloud is a powerful new tool that helps you connect data from all your different data sources and automate sophisticated, intelligent and impactful business processes. For compliance with the new EU data protection laws, this will be invaluable.
Take, for instance, the so-called ‘right to be forgotten’ clause in the GDPR.
This rule will allow customers or former employees to request that you collect all the digital information you hold on them and then remove it entirely from your systems. If, like most normal businesses, you hold that information in multiple systems, searching through them individually will take countless hours of employees’ time. And there’s a very high risk that information might be missed if this is left to a manual search.
Nintex Workflow Cloud, by contrast, can automate this whole process and thereby ensure that all data you hold on a customer is collected and erased efficiently.
Let’s see how this might look:
- It’s 26 May 2018, and a member of the public fills out a form on your company’s website asking that you erase all the information you hold on them.
- By filling out this form, a Nintex workflow could instantly and automatically trigger off searches for information on that individual right across your systems.
- The workflow could be designed to perform searches of that individual’s name in all your document repositories, and even search through staff inboxes to find emails related to them.
- Of course, because this is such a potentially sensitive topic, the workflow could also be designed to include human input, requiring a member of your team to check all searches (ensuring, for instance, that the workflow does not delete information relating to the ‘wrong’ Jon Smith).
- The workflow could also compile all the information you hold on that individual into an easy-to-understand document that could be returned to the customer, showing how information was searched for and then deleted.
Nintex Workflow Cloud will help organizations automate the various business processes that complying with the new EU data protection rules will require.
By rapidly and automatically searching your systems for all PII data, you ensure no data is missed and can therefore remain entirely compliant.
If you would like to find out more about how Nintex can help in your efforts to comply with the EU’s GDPR, contact us today.