Brexit or not, the General Data Protection Regulations (GDPR) will apply in the UK from 25th May 2018 strengthening the UKs present data protection legislation, much of which is out of step with current technology and business practices.
The new regulations will place a greater burden on any organisation holding personal information in any form to demonstrate process controls, as well as ensuring the security of the data it holds.
Sage CRM can help any business to achieve and maintain compliance in the following ways:
- Providing a single source of data that can be managed centrally.
- The smaller the number of data sources that a business has the easier GDPR compliance will be.
- Consolidate data from many sources to create a central database accessed by many users with controlled access rights.
- Can act as a 'hub' between existing database applications to provide a single point of control.
- Controlling who has access to which data and for what purpose.
- User security settings allow data access to be controlled to that required for the task at hand.
- Ensures that users do not have unauthorised access to sensitive or information that is not relevant to their role
- Providing checks and alerts to ensure that relevant consents are received and recorded.
- Alerts and other controls can ensure that relevant consents are obtained and maintained.
- Records and manages consent status for any number of separate business purposes.
- Making data available either by request, or through a secure web portal for individuals to access and update their own information.
- Provides a number of ways that data can be kept up to date.
- Contacts can easily be contacted to update records or renew consents themselves via a web portal
- Demonstrating compliance with any data request or other communication.
- Allows a full communication history to be maintained, providing an audit trail for compliance.
- Hold records for data audits, impact assessments and other documents.
- Easily making data available in an acceptable format for individuals who want to move their data from one controller to another.
- Data can be output from Sage CRM in a number of portable formats.
- Breach detection
- Data audit tools identify unusual activity
Whilst Sage CRM will not in itself ensure GDPR compliance, it will provide many of the process management tools required as part of a structured organisation-wide data management methodology.