Blog

GDPR and SharePoint Compliance

GDPR and SharePoint : How to Ensure Your Solution is Compliant

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that will come into effect on 25 May 2018. If your organization works with personal information of EU citizens you fall under the new laws remit, regardless of where your business is located.

GDPR has been met by a level of resistance from businesses, but there are benefits to both consumers and businesses.  There have been major technological developments since the law was last updated in 1995, as well as an explosion of data businesses collect, the legislation is just catching up.

Consumers will get full visibility of data businesses have collected about them, be made aware if their information has been hacked and gain the “right to be forgotten.” This means the consumer is now in control of their personal information.

As businesses we have the benefit of one simplified regulation across the EU, rather than a different law in each country. Although this regulation has been designed for the EU, there is speculation this type of regulation will become global, so by getting compliant now you are ahead of the game. Another benefit for business is transparency between consumers and businesses, building trust. You will also gain a better understanding of customers by understanding the information you hold on them, enabling you to deliver better products or solutions.

Why comply?

Apart from wanting to build trust and stronger relationships with your customers there are significant risks if you do not comply, key risks include:

  • Heavy fines – 20 million Euros or 4% of global annual turnover – whichever is highest
  • Damage to reputation/brand – leading to a loss of consumer/employee trust and in turn future business
  • Bans can be imposed to data processing/transfers impacting your business operations

Staying GDPR Compliant

Getting compliant is the start, staying compliant is ongoing and OnePlace Solutions is helping customers around the world do just that.

The GDPR simply put is all about information management and we have been helping customers to do that for over 17 years, it’s our core business. Don’t be fooled into thinking becoming GDPR compliant is a onetime process – getting compliant is part one, staying compliant is ongoing.

GDPR and SharePoint – The stages of compliance and how OnePlace Solutions helps

There are several stages to become GPPR compliant:

  1. Classification and Labelling
  2. Protection
  3. Monitoring
  4. Access

The OnePlace Solutions suite of products enable people in business to do more, simply. OnePlace Solutions is achieving this by bringing SharePoint and Office 365 to where the business user works within Microsoft Outlook and Office. OnePlaceMail and OnePlaceDocs enables you to save emails, email attachments, word documents, excel files, PowerPoint files and Adobe PDFs into SharePoint/Office 365 using drag and drop - something your teams already do in their day to day workflow.

The OnePlace Solutions suite of products perfectly addresses areas of the GDPR strategy.

Classification and Labelling

Classified and labelled content allows it to be easily discovered in an organisation, especially Personal Identifiable Information (PII), OnePlace Solutions promotes this in several ways:

  • Classification of content as it is saved to SharePoint allows easy retrieval using search. This makes it easy to ‘forget’ an individual by surfacing PII from SharePoint
  • Automatic capture of email metadata as emails are saved to SharePoint again enabling easy retrieval of PII from SharePoint
  • Easy edit of content held in SharePoint, so the information is tagged appropriately and discoverable, again facilitating GDPR compliance

Protection

For GDPR compliance personal data needs to be protected and secured. OnePlace Solutions protects data in the following ways:

  • Easy capture of information to SharePoint allowing content to be held and secured centrally in the Microsoft Office 365 platform or on-premises SharePoint environments. Information is no longer isolated in individuals’ inboxes subject to potential security breaches
  • The ability to delete content from SharePoint in familiar user applications like Microsoft Outlook. This helps the process of ‘forgetting’ an individual therefore ensuring data privacy

Access

Access to an individual’s personal data across an organisation is critical for GDPR compliance. OnePlace Solutions supports this by:

  • Mitigating the risk of non-compliance by allowing easy access to SharePoint content inside Microsoft Outlook (OnePlaceMail) and in a familiar explorer style interface (OnePlaceDocs)
  • Ability to surface content in SharePoint through search capabilities in our products
  • The aggregation and presentation of PII matching key criteria from multiple SharePoint sites across an organisation (OnePlaceLive). This intelligent discovery allows quicker retrieval of personal data and less chance data will not be discovered across organisations

OnePlace Solutions ensures your organization stay compliant yet allows the business user to remain highly productive.  We appreciate each business is different so get in touch today to discuss how we can work together to help you comply with the GDPR now and into the future.

About the Author

Colin Wood

Colin Wood

Senior Software Architect

Colin is a founding architect of the OnePlace Solutions suite of products and is involved in its continued evolution. He is passionate about bringing new products to the marketing, always looking for better ways for solutions to work harder for end-users.

Connect with Colin Wood

  • Phone: +61 2 99771312
  • E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.