Our Blog

18

Jul

How automation can make it easier to comply with privacy legislation

New privacy legislation around the world puts increasing pressure on organisations not just to keep personal information safe but also to be able to provide an individual’s information on request. These requests can create a significant time and cost burden for organisations that aren’t fully prepared for them.

Like most business challenges, preparing for information requests takes a mix of people, processes, and technology. (We’ve addressed the people and processes components in previous blogs.)

The right technology is crucial in helping you reduce the business risk associated with information requests. Without it, the manual workload involved in responding to information requests could take time away from core business tasks and require significant investment in additional resources.

How technology can help

Most businesses are achieving huge benefits from digital transformation. Replacing manual, inefficient tasks with automated, streamlined digital processes can help save massive amounts of time and money. So, it makes sense to digitalise the process of responding to information requests wherever possible.

Technology can help you respond to information requests faster and more cost-effectively. For example:

1. Online forms. Getting individuals to enter their requests via online forms helps you standardise the request process and ensure you get all the relevant information upfront in the request process, rather than having to spend time clarifying the scope later on. This is also likely to be the preferred method of applying for information by individuals, too, leading to an improved experience all around.

2. Workflow software. Inevitably, information requests require various people to conduct a range of actions to identify and bring together the information that’s been requested. Using workflow software can automate parts of this process, particularly the review and approval components. It can also be used to retrieve information from repositories, saving your staff from having to do that manually.

3. Connectors. Organisational information tends to reside in a variety of repositories such as Microsoft SharePoint, Dynamics CRM, Marketo, and even Dropbox. You could have dozens of repositories that contain personal information. Rather than search each one individually, you can use connectors so your workflow software automatically pulls the information out from wherever it resides.

4. Document generation. Often, information is stored in operational databases such as CRM systems. Being able to automatically generate documents from those systems can save time and effort.

5. Workflow analytics. Building workflows is only the first step of the process. It’s important to monitor them to make sure they’re delivering what you need, when you need it, without unnecessary complications. Moving beyond automation towards optimisation can help you save even more time and money. By analysing your workflows, you can optimise them for best results. 

Using Microsoft 365 for improved compliance

Businesses using Microsoft 365 can leverage it to support their compliance obligations in five ways:

1. Assessment. It’s essential to understand what information you possess, where it resides, and who has access to it. Microsoft 365 includes tools to scan, classify, and report on your content regardless of where it resides.

2. Information protection. Keeping information secure is a core requirement of privacy legislation. Microsoft 365 includes built-in security tools that protect your information at rest and in transit.

3. Information request support. Discovering, managing, and reporting on information on a per-case basis is part and parcel of responding to information requests. Microsoft 365 manages this seamlessly.

4. Security. Preventing breaches depends on having strong security in place. Microsoft 365 is a secure cloud platform, assessed and certified by government security agencies. It includes tools for monitoring and scoring security configuration, so you can maintain compliance even in a changing threat landscape.

5. Compliance monitoring. Compliance is never a set-and-forget activity; it requires continual monitoring and adjustment to be effective. Microsoft 365 provides tools for scoring and monitoring compliance with various regulations, including GDPR.

While complying with privacy obligations isn’t simple, it’s also not optional. By taking a strategic, step-by-step approach to building the right compliance framework, your business will be able to mitigate the risks associated with data breaches and respond to information requests quickly and painlessly.

You can read more about how processes, people, and technology can help you comply with privacy legislation in our blog series here.

To find out how Empired can help, contact us today.

Posted by: Doug Baxter, Solution Specialist | 18 July 2018

Tags: Privacy, Security, GDPR, NDB, Privacy legislation, Privacy and compliance


Top Rated Posts

Blog archive

Stay up to date with all insights from the Empired blog