What is GDPR?

The General Data Protection Regulation (GDPR) is a new regulation that acts as an addendum and overhaul of the European Union's (EU) existing data privacy laws.

The regulation was adopted by the EU parliament in April, 2016 and the deadline for enforcement is May 25, 2018, meaning that businesses not compliant after that date will be subject to fines of up to €20 million or 4 percent of their global annual turnover. Let the countdown begin.

The EU GDPR Website features comprehensive details about the regulation and its history as well as answers to frequently asked questions about all different aspects of GDPR.

How Does SpringCM Help Our Customers with GDPR Compliance?

For SpringCM customers, compliance with all national and international data regulations, including GDPR, is a top priority.

The following features, which are native to SpringCM, will help as you prepare for GDPR.

  • OCR (Optical Character Recognition) to extract the content of any document as plain text and use it to make the document searchable. OCR is particularly important, as GDPR applies to historic information, as well. OCR makes legacy documents searchable.
  • Metadata tagging on documents to allow for convenient searches in the event of the need to erase a particular EU citizen's information.
  • Advanced Search to execute document and folder searches with a great degree of granularity.
  • Workflows to enable the convenient porting of personal data from one service provider to another.
  • Manual processing options so that EU citizens in particular are not subject to "profiling"/automated decision making without their explicit consent.

What Does GDPR Mean for Contracts and Documents?

Contracts, resumes and other types of documents containing signatures and other identifying information are just as subject to GDPR data management guidelines and EU citizen removal requests as other more public-facing forms of data.

So if you are dealing with EU clients or customers in any capacity, the documents that underpin your relationships with them must be accounted for, and your IT setups must meet the GDPR regulatory burden.

Why is SpringCM Set Up So Well for Handling GDPR?

The reason SpringCM is so well-positioned to handle this new world of regulatory demands from the EU is twofold.

First, SpringCM's infrastructure and operations have, from the outset, been built out and maintained with data privacy, portability, monitoring and convenience as the top priority.

Second, part of what makes SpringCM such a valuable tool for document management is that it focuses on centralization. Having information all stored and searchable in a central, cloud-based location – rather than scattered across various servers, in hard copies, and in disparate formats – makes managing the type of requests that could arise under GDPR easy.

And even for data that is necessarily unstructured, SpringCM can build out workflows that allow for the easy identification and full deletion of a given piece of requested data.

Confirmation of Compliance

Companies conducting business in the EU will soon be positioned to reach out to all of their third-party vendors in order to confirm compliance with GDPR so as to not open themselves up to liability for penalties. SpringCM is able to offer this confirmation and give any affiliated businesses peace of mind about its level of compliance with its contracts and other documents stored and managed on the SpringCM cloud.

Additional SpringCM GDPR Resources