Every organisation which is offering goods or services in the European Union and which collects, processes and analyses personal data to do so, is subject to the new regulation GDPR.
These companies have to ensure that they maintain an overview of the collected data at any time and upon request they have to be able to provide detailed information about any set of data they collected.
The critical issue for many companies will be the mass of unstructured information contained in documents and pictures somewhere in the companies’ grown structures, which constitutes a high compliance risk in the context of the GDPR.
Step by step
The first step for companies should be to take stock of the status quo. That starts with analysing how sensitive data and documents are currently identified and secured in their systems and databases. Additionally, the responsible decision-makers should find out, to which degree their company is fulfilling any legal requirements regarding transparency, and how security violations are identified and communicated by their company.
They should also review the current training measures in this regard. This overview then enables companies to determine and implement the necessary measures in order to become GDPR-compliant.
For that, they need the correct software solutions to support them. As an example, Ephesoft Transact focuses on four essential aspects to help fulfilling GDPR requirements: uncovering, managing, protecting and providing. The software helps companies to identify documents which actually contain personal data, which is the first step towards data transparency.
It can also be integrated seamlessly into the company’s business processes, which allows it to support the everyday management of both old and new content. An integrated security feature assists decision-makers in identifying and reacting to violations and gaps in security as soon as possible, allowing them to reliably fulfil their legal duty to report them.
To ensure that all data is readily available at any time, the software also creates a private information catalogue as well as an inventory, so enquiries about stored data can be processed immediately and – if requested by the user – personal data can be deleted easily and verifiably.
Benefits for different industries
In the context of the GDPR, smart software for document analysis is relevant for every company which is conducting business in the European Union and collecting, saving or processing personal data. Thanks to a wide range of APIs, Ephesoft Transact can process data from many different sources, from e-mails to scanned documents and mobile data to faxes and already saved files or microfilms.
The input is first directed to the Ephesoft server; the server itself can be located on premise or in the cloud. It also doesn’t matter if the rest of the systems are Windows- or Linux-based. Afterwards the input documents are analysed by Ephesoft Transact and the contained data is classified via Supervised Machine Learning.
Unclear classifications are sent to a human user, who can help the system in finding the correct one. That means, the solution learns through every single piece of input, allowing it to continuously develop.