This page is dedicated to answering the most common questions Data Protection Officers ask us.
Should records request and data archiving software be part of the DPO Toolkit?
Companies should create adopt processes and systems that will help them remain compliant with all regulations. Using powerful workflow, email archiving, and data archiving technologies, will significantly reduce your compliance risk and increase performance.
Our organization created our own system, why do we need to change?
Our policy-based approach allows you to set up retention policies to suit for your organization. Doing this Data Protection Officers ensures they are automatically retaining each item of data securely.
The system automatically removes data that is no longer needed. It also reduces the amount of data store. As DPO quickly find the information required and be even more confident that you are meeting government and regulatory requirements.
How does GDPR affect email and file for a Data Protection Officer?
GDPR demands that organizations protect personal data in all its forms. It also changes the rules of consent and enhances people’s right to privacy. It’s important for Data Protection Officers to utilize company-wide email and file policies to ensure compliance. A data archiving solution, such as MailMeter, should be a key component in a DPO’s toolkit.
Why does a data protection officer need a separate software solution for email retention policy?
Do your employees know what constitutes personal data? How often do they forget to delete emails containing personal data? Do they use work their work email address for personal use? A data breach, could leave a data protection officer vulnerable to GDPR non-compliance or worse.
One thing that frequently comes up with GDPR is the concept of processing personal data. Here, processing refers to a “wide range of operations performed on personal data,” including collection, alteration and, of course, storage.
Article 5(1)(e) of GDPR states that personal data must be ‘kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.”
MailMeter Archive’s Retention Manager is a comprehensive, easy to use, powerful solution for protecting and enforcing your business record retention policies
How is data destruction managed?
TechTarget defines data destruction as:
‘the process of destroying data stored on tapes, hard disks and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorized purposes. When data is deleted, it is no longer readily accessible by the operating system or application that created it.
But deleting a file is not enough; data destruction software must be used to overwrite the available space/blocks with random data until it is considered irretrievable’.
TechTarget
MailMeter’s Retention Manager sophisticated process analyzes all recipients of an email. It enforces the destruction policies for each group separately. Here is how it works – an email is sent from Richard in Accounting (retention period 5 years) to Susan in Sales (retention period 3 years). MailMeter Retention Manager deletes Susan’s copy after 3 years while leaving the same message intact only for Richard in Accounting.
What about data that I need to keep for litigation purposes?
We’ve got that covered. MailMeter Retention Manager provides protection for any email destruction with a Litigation Hold capability that can lock down a user, group, or selected emails to meet your legal department’s requirements. Data Protection Officers or an authorized user can prevent messages from being destroyed even if the retention period has expired for all recipients. Additionally, certain emails might need to be saved to create an audit trail or so that they can be reproduced in the event of an eDiscovery request or pending litigation.
Is email and file data protected and secure?
Yes. In fact, it is safer and more secure. Furthermore, you can search across your entire history of emails in minutes for export or review. All information is stored securely with a full audit trail to ensure it has not been tampered with or altered.
Email records are stored in an unaltered state they remain in their original format, unchanged in any way. In addition, for file we have Bit Level Encryption – SISCIN compresses and encrypts data on your servers before transfer. Files can be split, then stored in different cloud, or local tiered storage locations. There is an option for different cloud providers for additional security.
I manage record requests such as FOI, DSAR’s, EIR etc. how does this software help?
DiscoveryControl is purpose built to enhance the Data Protection Officers management of the workflow for record requests. MailMeter encrypts emails and reduced the time it takes to search and retrieve information within email from om months to minutes, vastly reducing legal costs. With MailMeter Investigate, as DPO you can quickly find everything you are looking for even if all retention periods have expired and users can’t see the messages. When Litigation Holds expire, MailMeter Retention Manager will automatically delete messages according to their retention periods. SISCIN compresses and encrypts data on your servers before transfer.
Can the data protection officer restrict access to the software?
Yes, a tiered level of controls provide access to authorised only. Every interaction with the archive provides a full audit trail of all verified users and departments and their actions. Demonstrating strict regulatory standards of processing and procedures of best practice.
Are DPO’s supported after the system is purchased?
Yes. All our ComplyKEY SaaS products are a fully managed service gives a data protection officer both the software and the support of our team of Data Management experts who will hold your hand through the process. Our experts will assist you in finding your Data, assessing its worth, planning and putting it into practice. We enable you to set automated policies for historical and future data management. You can also set up and run clear and accurate reports to keep your organisation always informed.
