To meet the obligations of the General Data Protection Regulation (GDPR), organisations are reviewing their policies and practices to ensure they can protect people's right to determine how their personal data is processed.

GDPR requires organisations to process personal data lawfully, fairly and in a transparent manner. Meeting this requirement presents both challenges and opportunities.

Organisations that use an enterprise content management platform to define the rules, roles and responsibilities for controlling information can extend this governance to help manage business processes and external collaboration.

This provides a robust foundation which can be leveraged across the enterprise to prepare for all types of information and process related requests.

Simple steps to success

• Discover - know what information you have, its locations and owners.
• Consolidate - build an integrated approach to governance across the whole ecosystem.
• Automate - automated processes associated with GDPR are transparent and auditable.
• Collaborate - retain governance controls over information shared beyond your organisation.
  

If you are complying with the current law then most of your approach will remain valid under the GDPR and can be the starting point to build from.

Information Commissioner’s Office