Time is running out for companies: In less than nine months, the grace period for the EU GDPR will end. By then, companies must implement stricter regulations regarding the storage, release and deletion of personal data. The new regulations of the European Union require companies to be able to securely store and identify, release and, if requested, delete personal data at any given time. The requirements must be fulfilled by May 25, 2018.

With Doxis4, companies are equipped now for the regulations and have proven security. "The audited Doxis4 iECM suite, when used correctly and in conjunction with organizational control mechanisms, enables companies to fulfill data protection requirements according to EU GDPR," attests Holger Klindtworth of Ebner Stolz, the auditing firm which gave the ECM solution Doxis4 the first EU GDPR certification worldwide.

Traceable deletion

Doxis4 gives companies a way to automatically manage retention rules and deletion deadlines for personal data, such as contract data. Furthermore, it is also possible to set up deletion locks for an unlimited period of time for a document. If the retention period of personal data is unknown, the EU GDPR-certified Doxis4 safeLock protects the sensitive documents from modifications, even if they have no retention deadline. If customers or employees invoke their "right to erasure" (article 17 of the EU GDPR), companies are able to lift the deletion locks at any time once the legal retention period has ended. Data deletion can be automated, complete and physically traceable.

Protect and transmit sensitive information

SER's Doxis4 solution helps companies to ensure that personal data is protected from unauthorized access, manipulation and theft (article 32 of the EU GDPR). If needed, Doxis4 can also provide customers, employees, and business partners their sensitive personal data and documents in a structured and machine-readable form. Companies are thereby also able to provide proof of who accessed and modified which personal data and when. As required by the EU GDPR, data is in a structured and machine-readable format (article 20, EU GDPR).