The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. Here at TES we are doing everything we can to ensure our customers are prepared. Here are some things to consider and questions to ask, raised following a Webinar depicting the steps Microsoft are taking in achieving GDPR compliance, for their cloud based services Office365 and Azure.
If you host your IT infrastructure on premise, then it is apparent that you will be carrying a greater burden in conforming to the requirements of GDPR, and this might contribute to a business case in considering migration to the cloud in future.
Also, if you use alternative hosting services such as AWS or Rackspace then we would encourage you to raise some of the questions with them regarding your digital security and compliance.
Your NAV system, as part of your wider IT infrastructure, will of course also be subject to GDPR regulation. As your NAV supplier we can state the following in this regard:
· As a matter of policy TES never hold local backups or copies of your NAV data on our systems.
· The methods by which we access your system to provide support services are managed under our ISO accredited ISMS policy.
· We can advise on ways that your NAV database, that might currently be held on premise, can be migrated to the cloud as to benefit from the implicit compliance features that Microsoft offers.
We do anticipate that, as the practical operational implications of GDPR compliance become apparent, there may be ways that we can enhance the way NAV holds and handles your customer data.
· More rigorous auditing and security features added to how NAV users interact with the customer data it holds.
· Develop NAV web services which support the requirement for the double opt-in that you must ask customers to go through before marketing to them. These web services could interact directly with your customers via your web-site or indirectly via an interface with your Email Service Provider.
If you would like to visit the slide deck from the Webinar you can view them here.
We will be proactively engaging with our user community on all of the issues outlined above, but do also invite any specific questions or queries you may have