top of page

GDPR File Classification

gdpr1.PNG

A GDPR file classification has a number of properties associated it that are used to control file access, logging of important actions and recording signed actions. These will be detailed in turn

​

Signed Actions

Two actions have been identified as key records management actions that require an extra level of authorization. These are when a file is being borrowed, indeed most stages of a file's loan lifecycle (borrowed, cancelled, returned) , and when the final action of file's lifecycle is being actioned by entering the executed date.

These signed actions are only required when a file has been classified with a GDPR file classification that has these actions flagged as requiring sign off. In the image above, you can see the configuration of a file classification for Sensitive Personal Data. The signing function requires the user to re-enter their password, thereby explicitly acknowledging and signing the action. By doing this the user accepts responsibility for completing the action.

 

 

gdpr_signing_2.PNG
gdpr_signing_1.PNG

The first image here shows how the signing function is presented to the  user for completing a file's lifecycle. This is achieved by entering the executed date of the final lifecycle stage. Please note this is not the same as activating the final stage.

The image below shows how the signing function is presented to the user when they borrow a file whose GDPR classification flags Loans as a signed action.

Controlled access​

 GDPR file classifications can be configured so that access is restricted to a combination of

  • Admin only, the admin super user or system administrator. If this option is selected only the Admin user can access the file

  • The user who added the file. This includes the Admin user and possibly section administrators

  • Section administrators.  This includes the Admin user and possibly the user who added the file

  • All users 

If users cannot access the file due to the file classification, they will be able to see the file but they will not be able to access or action the file in any way. If a user attempts to the access the file, they will receive the following warning message

​

​

​

​

​

​

 

​

Logging

A file classification can be configured to log all access requests. This record of a user accessing a file will happen even if they  have the required rights. Signed actions will always be recorded. The message above was raised by an attempt to access a file by a user who did not have the correct rights. Following the guidelines laid down in the GDPR for transparency, the user must be informed that this action has been logged. If the logged flag was disabled for this file classification, the user would receive the same message but without the warning about the attempt being logged, as it would not be recorded.

​

The GDPR audit log - Access and Sign Actions is available to the Admin user on the file Audit screen. A sample GDPR audit log is shown here 

​

 

s

 

 

 

 

 

 

 

​

​

​

​

Reporting 

Two new GDPR related reports have been added. 

  • GDPR Reports - Access and Signed Action Log By User 

This allows for a printed report based on the log data as detailed above. The data can be filtered by user, section and action.

  • Reports - Retention & Disposition - Current stage not executed

This report lists files at that are missing the executed date of the current status. The report will only list files where the selected action date of the current stage has passed. Entering the executed on date is a key factor in GDPR compliancy as this verifies that the action took place. This could be very important when files that contain sensitive personal are flagged for destruction. The data in this report can be filtered by Action due date, section, status and GDPR classification. An upcoming feature will be the ability to upload and associate a certificate of destruction with a selected range of files. 

 

​

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

GDPR Configuration

Access to the GDPR field can be controlled.

A new tab has been added to the system 

parameters screen. This controls if the GDPR

field is visible in the file grid.

Access to the GDPR field is also controlled

by the Search availability field. This can be set

to the Admin user, Section Administrators or all

users. If the logged in user does not have the

rights under this setting to view the field, it

will not appear in the Detailed Search option

nor will it appear in the file grid if it has been added to the grid. This aligns with the GDPR, restricting access to any data that could pose a potential threat. In this case, not surfacing the fact that a file could contain personal data.

The configuration tab shown also contains the settings for configuring the enhanced security options added to take account of the increased security and validation required by GDPR to restrict access to any personal data and to reduce the possibility of a data breach. This is covered in the next section.

​

gdpr_warning.PNG

Please see below for details on the logging warning 

gdpr_audit_log.PNG

The highlighted sections show the logging of a failed action (this will be logged if  user enters their password incorrectly three times) and the denied access requests for the user DUBCCA. As you can see all access requests and signed actions for this file have been recorded.

gdpr_config.PNG
gdpr_missing_date_report.PNG
gdpr_missing_date_report_file.PNG

The images here display an example of this report and the lifecycle of one of the files returned.

​

It should be noted that the executed date represents the date that the end of a stage is executed, for example when it is not longer marked as Non-current but is now flagged for Disposal. The executed date for the final stage is the date that it is actually disposed or destroyed.

bottom of page