GDPR Compliance with Frakture

The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. Frakture uses Warehousing and Automation to ensure internal compliance and help our customers do the same across their organization.

What is GDPR?

The General Data Protection Regulation (GDPR) is a set of legislations that will go into effect May 25th, 2018. It outlines new rights for members of the EU, and responsibilities on the part of those organizations storing person data for, and communicating with, those members.

At its core of GDPR is an organizations understanding of the personal data they are storing, how that data is used, and maintaining that data in a responsible way. If your organization has personal data in more than one system, it is probable that you have connections between them (or, just as likely, someone making sure those systems were in sync) and you may not have a full view of the data spread across those systems.

Right to Information

Guarantee the your constituents Right to Access by:

  • Maintaining a standardized version of data for each constituent in the warehouse enabling you to ensure a persons Right to both Access and Portability.
  • Knowing which systems store data for a given constituent quickly, without having to check each system individually.

Nuanced Consent

Guarantee that you are respecting your constituents Right to Choice:

  • Maintaining a standardized version of consent in the warehouse, pulled from each channel you use. When someone signs up within one system and is moved to another, it is important the second system knows which channels the constituent has consented to being contacted through.
  • When these consent options are updated (and they must be) then the changes can be kept in sync using the warehouse, with a single location that can be checked to ensure all systems are in compliance.

Right to be Forgotten

Guarantee the your constituents Right to be Forgotten by:

  • Using the knowledge of where your constituents are to quickly and effectively remove them from your systems when they no longer wish to be remembered.
  • Maintain a set of identifiers of the people who do not want to be remembered, so that in the future you can make sure to continue to respect their wishes.

Right to be Secure

Respect the GDPR Privacy by Design regulations:

  • Knowing what fields you are maintaining across systems for your constituents grants you the power to audit that list and ensure that you are holding the minimum number required (a stipulation of the regulation).