By now, most companies are well aware of the EU General Data Protection Regulation (EU GDPR) and the major changes it will bring about. But how well prepared are they for it? The AIIM asked its members this question — and the results are alarming. Less than a year away from the enforcement date, only six percent say they are fully prepared for the EU GDPR. Furthermore, 25 percent say they are "thinking about it," and 7 percent admit that they have not done anything at all to ensure the protection of personal data and to meet the requirements regarding the release and deletion of information. Those who know how complex organizational and infrastructure projects can be also know that time is running out.

ECM ensures data protection and availability

Nevertheless, 74 percent want to develop information governance (IG) policies to comply with the EU GDPR; 57 percent intend to take data cleansing measures to ensure data quality and integrity. Enterprise content management (ECM) solutions such as Doxis4 offer a consistent technological platform for securely managing and storing data and documents from a number of systems. Such solutions help companies to identify and securely store personal data, while also enabling them to provide or delete personal information on the data subject's request. ECM solutions assist companies in establishing long-term data protection that complies with the EU GDPR. They prevent data loss or exposure, to which almost one-third of the respondents admitted experiencing in the last 12 months. The respondents listed staff negligence and bad practices in handling data as the reasons behind this. ECM is not a cure-all, but it does offer a secure and stable foundation for information governance. The SER solution Doxis4 safeLock gives companies a way to automatically manage retention rules and deletion deadlines, for example, for contracts. Once the legal retention period is over, deletion locks can be removed if, say, a customer or employee demands deletion according to the EU GDPR.

The intent of the EU General Data Protection Regulation is to strengthen data protection for individuals within the EU. In cases of non-compliance, penalties of up to several million euros are possible. The regulations affect not only European companies, but also international ones that conduct business in the EU. The AIIM took the current discussion of the EU GDPR as an opportunity to survey its members in May 2017 about their readiness for the new regulation. Approximately 700 members of the AIIM community took part in the survey.

You can read the complete AIIM Report "Understanding GDPR Readiness in 2017"* here:

*© AIIM 2017, www.aiim.org