How will ProTech help our clients comply?

What is GDPR (General Data Protection Regulation)?

The General Data Protection Regulation (GDPR) is a regulation that the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The deadline for organisations to ensure compliance is May 25, 2018.

How will this affect my organisation?

Failure to comply with new legislation laws could result in fines of up to 4% of turnover, although this is in extreme cases. There is however, a lot of inaccurate information available from various so called experts which has left many employees unable to identify the fact from the fiction. The Information Commissioner’s Office (ICO) is the official source to locate the correct information and advice to ensure organisations understand the steps that are required to be undertaken.

First Steps

The ICO has created a document outlining the 12 Steps organisations should take in order to prepare for GDPR compliance. See the full document here

Our commitment to you

How will ProTech work with our clients to help them meet compliance laws?

ProTech has recently launched the upgraded version of our CRM solution, Pro9 which has a newly designed UI (User Interface) and UX (user Experience) to meet increasing customer demand for a modern, highly intuitive CRM solution. Take a look at the enhanced user interface here

At ProTech HQ we have taken the decision to ensure we help our clients meet GDPR legislation by providing a free enhancement release in Q1, 2018 for all of our current Pro9 clients.

The following Pro9/ProWeb feature enhancements will be included within this release:

Tool for data portability: The GDPR regulations are designed to support individuals being able to ‘port’ or share their data with other organisations for the purposes of improving customer choice and value. Pro9 users will now be able to extract key data to a standard format so that it can be imported by other external systems. Whilst there is not yet a defined standard format for data sharing / porting facility, ProTech intends to create an XML output consisting of all data held about a person in the system in a format that is consistent for all clients.

Ability to delete records:Under the customer’s ‘right to be forgotten’ it will be necessary for Pro9 users to be able to scramble information, where these rights are exercised by the customer. It is also important that the overall integrity of the data held within Pro9 is maintained, for example for audit or reporting purposes. Pro9 will enable users to delete data without impacting the overall integrity of the system.

Ability to pseudonymise data: In order to maintain the overall integrity of the data held within Pro9, whilst also supporting the customer exercising their ‘right to be forgotten’, Pro9 will provide the facility to pseudonymise / anonymise data so it cannot be attributed to an individual. This will ensure that overall reporting requirements and data audit are maintained. For example, the customer’s personal identifiable data would be removed through anonymisation, however when running a report that calculates the number of members within a date range, where the customer’s membership would have been relevant in that period but they have since exercised their right to be forgotten, they would appear in the record count in the report. It would not be possible to view that member’s personal data.

Customisable communication preferences

One of the key requirements of GDPR is to enable the customer to provide informed consent for you to hold their data and to provide informed consent for how you process that data. This requirement will be supported by ProWeb and Pro9 such that when the customer first engages with your organisation their consent is explicitly sought and recorded and the ways in which they are willing to engage with you are also captured. In addition to this it must be possible for the customer to withdraw or amend this consent, again through ProWeb and also Pro9 where the customer contacts your organisation direct. There will be a full audit trail of the consent and preferences provide by the customer and any updates.

ProTech aren’t GDPR Experts! 

ProTech have been working with GDPR expert Jezz Gobran, Managing Director of i-secured. I-secured provide the leadership and quality service around information security and data protection. Jezz has provided ProTech us with advice around specific feature enhancements to ensure Pro9 has the capability to comply with the new rules.

How do I get hold of these GDPR features?

All of the enhancements discussed above will be available in a Pro9 feature release scheduled for the end of March 2018, in plenty of time for the regulations to come into force. For existing Pro-8 users you can upgrade to Pro9 for free!

Contact Kim.Smith@protech.co.uk for more information on how to upgrade.