Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Dm GDPR FOCUS: SAR AUTOMATION<br />
By special request<br />
Adam Oxbury of Midwich introduces a software-based solution to the issues around<br />
Subject Access Requests that will be introduced with GDPR<br />
Organisations are subject to a legal<br />
obligation through the Data<br />
Protection Act 1998 to provide their<br />
data subjects with access to the data they<br />
hold about them. From May 25th 2018<br />
data controllers will become additionally<br />
subject to the requirements of the EU<br />
GDPR, which places additional burdens on<br />
organisations to ensure they provide<br />
adequate protection for the rights and<br />
freedoms of data subjects. Organisations<br />
need to look at potentially inadequate,<br />
insecure and non-compliant processes that<br />
are currently deployed and think about<br />
what can be done to alleviate these issues.<br />
WHAT IS A SUBJECT ACCESS<br />
REQUEST?<br />
An individual who makes a request is<br />
entitled to be:<br />
Told whether any personal data is being<br />
processed;<br />
Given a description of the personal<br />
data, the reasons it is being processed<br />
and whether it will be given to any<br />
other organisation or people;<br />
Given a copy of the information<br />
comprising the data; and details of the<br />
source of the data (where available);<br />
Able to understand the logic behind any<br />
automated decision - computergenerated<br />
for example - to grant or<br />
deny credit.<br />
Anyone familiar with Subject Access<br />
Requests (SARs) - the workflow from<br />
identification, compilation through to<br />
delivery - will no doubt be fully aware of<br />
the challenges faced by members of the<br />
compliance, information governance or<br />
data processing teams.<br />
Although automated processes are<br />
replacing manual ones in organisations<br />
many have been slow to make<br />
improvements in their operational<br />
procedures. Manually identifying and<br />
confirming the identity of data subjects<br />
requesting information only adds to issues<br />
already faced by staff fulfilling SARs, and<br />
further drains already stretched resources.<br />
Ever growing volumes of information held<br />
on subjects, especially PII / PID, in an<br />
increasing variety of file formats (MS Office,<br />
PDF, MRI, Audio, Video, CAD, X-Ray) only<br />
add to the daily challenge already faced by<br />
workers involved in collating, organising<br />
and compiling bundles.<br />
THE SAFESEND SOLUTION<br />
iDocs Bindr SafeSend is the definitive<br />
portable document compilation and secure<br />
dissemination solution designed to sit<br />
alongside existing document and records<br />
management systems. The solution can be<br />
integrated alongside Fujitsu scanning<br />
solutions for seamless input of data held in<br />
paper format. This allows for automatic<br />
batch scanning, digitisation and OCR,<br />
directly into iDocs Bindr SafeSend, thereby<br />
compiling a binder in one very<br />
straightforward and secure workflow.<br />
iDocs Bindr SafeSend quickly compiles and<br />
automatically indexes documents and<br />
folders of any file type into secure editable<br />
searchable binders so users can share,<br />
collaborate, distribute or archive with<br />
confidence. Being simple to use means that<br />
anyone can build a project in minutes.<br />
Introducing iDocs Bindr SafeSend will not<br />
only significantly reduce the amount of<br />
paper used and reduce the impact of the<br />
continual increase in SARs, it will also<br />
enable organisations to experience a<br />
number of directly attributable benefits as<br />
well as enjoying the wider implications<br />
around digital transformation:<br />
Suitably robust solution facilitates faster,<br />
more secure responses to SARs<br />
Improved information security and<br />
compliance with the 1998 DPA as well<br />
as with the EU GDPR when it comes<br />
into effect with data produced in a<br />
machine readable format<br />
Improved compliance with the<br />
Information Governance Toolkit<br />
Reduced delays in the sending and<br />
receipt of data SARs<br />
Reduced paper usage within the Release<br />
of Information function<br />
Reduced postage, print and<br />
photocopying costs within the Release<br />
of Information team<br />
Lower risk of data loss (i.e. paper going<br />
missing)<br />
Lower risk of inappropriate access to<br />
clinical information<br />
Improved audit functionality.<br />
Fujitsu, in partnership with distributor<br />
Midwich, can provide this software<br />
together with the right hardware to give<br />
your customers the ability to provide a risk<br />
mitigating solution for the incoming laws.<br />
More info: bit.ly/2IvK1nU<br />
26<br />
@DMMagAndAwards<br />
March/April 2018<br />
www.document-manager.com