It’s not game over for GDPR on May 25

Posted on May 21 2018 - 12:36pm by Tayla Ansell
RATING

Chris Strammiello, Vice President of global alliances and strategic marketing, Nuance Document Imaging, Nuance Communications, explains why that date marks the start of future opportunities for print resellers

Come May 25, it wouldn’t be too surprising if a collective sigh of relief is heard from companies of all sizes, celebrating the fact that they have made it to the all-important date for GDPR compliance.

While May 25 is of course the deadline, that doesn’t mean that a company’s GDPR worries or responsibilities are over; if anything, that date is actually a starting point for adhering to a new set of rules that determine how data is stored and shared thereafter. For print and imaging resellers therefore, companies’ new GDPR obligations means that talking to customers about it should now be an ongoing dialogue in the same way that talking about security is.

Let’s keep talking

In fact, it is imperative that the conversation continues. With the digital economy and online personal data constantly at risk from security breaches, hacks and data leaks, GDPR is an effort to strengthen and unify data protection for all individuals within the European Union (EU). As this regulation is concerned with the primary objective of giving citizens and residents back control of their personal data – while simplifying the regulatory environment for international business by unifying the regulation within the EU – it will underpin much of how a company manages information relating to customers now and in the future.

Against that backdrop, the ongoing role of GDPR is to strengthen and unify data protection for all individuals within the EU, by ensuring organisations provide a broader duty of care to their customers by preventing their personal details and data from leaking.

Individually – and as a society – we should of course welcome this regulation. But the channel should be especially keen to embrace it as both a commercial blessing and an opportune moment to continue document security related conversations with their customers, to guide and inform them about what the GDPR act means, what their customers need to do to honour it and what the implications are for breaching it. And the price for breaching it will be high.

Today’s secure print solutions meeting tomorrow’s regulations

In the run up to GDPR, it is encouraging to see that many print resellers have been proactive in looking at what solutions can help ensure their customers honour their GDPR responsibilities. That’s to be applauded, given that unprotected print devices can be a source of data leaks; even today, we still see incidents of private data being left unclaimed on devices even though solutions already exist to mitigate against the risks.

The reseller channel needs to continue its good work post May 25, to help its customers protect themselves against print-related risks, through the deployment of intelligent print management solutions that are already available.

Some of these solutions enable IT administrators to set up automated workflows that detect if documents contain specific patterns (like social security numbers, personal health information or sensitive company data) and it will redact any/all instances of that pattern in a document. It can flag up incidents of potential compliance violations to a company’s Chief Data, Security or Compliance Officer, thereby acting as an early warning system ahead of a potential breach.

Other solutions provide customers with a secure print function, and only allows those authorised to release prints from a device to do so via a secure PIN code or swipe card. Such solutions present a powerful and effective way to stop unclaimed documents being left on devices, hence preventing security breaches.

It is also possible for companies to deploy solutions which monitor and report on print use, making it easier to track who is printing what and where potential weaknesses are in the document workflow that could also result in a breach. Given that accountability is an important ongoing element of GDPR, advanced print reporting functions will be invaluable to many companies.

Combined, such solutions deliver the type of defensive security management that could easily put the brakes on the incidents that GDPR is trying to prevent, while helping companies avoid the severe fines it is threatening to issue. For resellers then, they should see May 25 as the date from which GDPR really gets into gear, rather than just as a box that needed to be ticked.

www.nuance.com