Data Protection

Home Data Protection

Our Solutions

How DocuWare helps meet GDPR compliance

There is no one single technology that meets all GDPR requirements. An organization must adopt a holistic information management strategy. Document management and workflow automation can play a key role. 

DocuWare offers both a document management and a workflow automation system that helps you comply in all of your document-based processes.

Using DocuWare, your company gains the ability to:

  • Locate and access personal data stored in and processed with your documents
  • Export, correct and delete personal data (for example, deleting data helps comply with the new “right to be forgotten” article)
  • Ensure that personal data is protected and not processed further

Why GDPR matters and what you need to know

High penalties

The penalties for non-compliance are significant. Fines can be imposed up to 20m € or 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.

Explicit customer consent

Valid consent must be explicit for data collected and the purposes data is used for. In addition, you must be able to prove “consent” (opt-in) and consent may be withdrawn.

Compliance outside the EU

The old escape clauses for non-European companies no longer work. Non-European companies utilized “Safe Harbor” provisions to comply with the original data protection regulation, but this was overturned in 2015 by the European Court of Justice.

Personal data can be anything

Managing unstructured information and documents are key to compliance. The EC defines personal data as any information relating to an individual, whether private or professional. Name, address, photo, email address, bank details, posts on social networking websites, medical information, or IP addresses are all valid.

Paper documents count

GDPR applies to the processing of personal data wholly or partly by automated means. It also applies to the processing other than by automated means which form part of a filing system. In other words: paper documents.

Extended chains of liability

If personal identifiable information is being stored or handled by a cloud services provider or a document process outsourcer on your behalf, you retain responsibility for the data governance practices of your outsourcers.