Data protection and privacy is critical part of our organization. As you may be aware, new General Data Protection Regulation ( GDPR ) is effective from May 25, 2018. Focused on user data privacy, GDPR is the new EU legal framework for the protection of personal information. GDPR includes various key changes to existing EU data protection law, including accountability, data breach notification and enhanced individual rights. GDPR will affect all organizations, wherever located, that handles customers information in the EU.
What is GDPR?
The GDPR has the potential to impact any business that collects information in or from Europe. Significant fines may be imposed on companies who fail to meet their obligations with respect to handling information under GDPR. As most of the organizations increasingly using artificial data intelligence to understand and serve customers better, it’s critical that they are accountable to individual’s rights to privacy and security. Organizations need to respect user’s privacy by restricting what personal information they collect and by safeguarding that data. Privacy obligations apply to any information, either by itself or used with other pieces of information, that could identify an individual person living in the European Union.
How does Qualityze Support GDPR?
Qualityze EQMS software solutions built and run on the Salesforce platform. Qualityze EQMS products inherits all attributes of the Salesforce platform. Salesforce gives companies transparency and control of customer information to accelerate compliance with GDPR.
Qualityze is making continual improvements to ensure we are best positioned to meet our legal obligations to assist our customers for protecting and having more control over their personal information. We see GDPR guidelines as affording us yet another opportunity to continue protecting our customers’ data.
The Salesforce Platform accelerates GDPR readiness through:
- Right to be Forgotten – ability to delete customer personal data at both an organization and individual level to meet your obligations under the GDPR
- Consent – includes an Individual Object for tracking privacy preferences across multiple roles in your organization which can relate to one or many Contacts, Accounts, and custom object records.
- Accountability / Transparency – offers customers a robust data processing containing strong privacy commitments. It contains data transfer frameworks ensuring that customers can lawfully transfer personal data to Salesforce outside of the European Economic.
- Data Portability – Salesforce Platform helps customers’ requests to export their data. Data can be extracted via both UI-driven as well as API-driven methods, including reports and report/dashboard APIs, data loader, Apex, SOAP and REST APIs, and third-party ETL tools.
- Restriction of Processing – On the Salesforce Platform, records can be identified, exported, and deleted upon receiving a verified request to restrict processing. If the restriction is lifted later, the records can be re-imported.
- Security – Salesforce has security built into every layer of the Platform. The infrastructure layer comes with replication, backup, and disaster recovery planning. Network services has encryption in transit and advanced threat detection. Application services implement identity, authentication, and user permissions. Salesforce also offer san additional layer of trust with Salesforce Shield, including Platform Encryption, Event Monitoring, and Field Audit Trail.