IFS announces that new functionality has been released for IFS Applications to support General Data Protection Regulation (GDPR) compliance. The enhancements to IFS Applications empower IFS customers with important capabilities that facilitate compliance with the new regulation, which comes into effect on May 25, 2018. A similar update for IFS Field Service Management will be released in Q1 2018.
GDPR compliance is supported by the new functionality that is included in IFS Applications 9 as of update 10 and onward, which is available now. Similar functionality will support IFS Field Service Management 5.7 from update 3 and onward from late Q1 2018.
GDPR Compliance Support
The new functionality will support compliance with GDPR requirements through all the key processes related to personal data management:
Lawful collection: According to GDPR, personal data is to be collected solely for specific defined purposes and only stored for as long as necessary for such purposes. The new functionality facilitates this by allowing each data subject to be identified and have one or more defined purposes for personal information processing attached to them, including durations, where each can be associated with one or more lawful basis for processing.
Secure storage: Personal data must be entered and stored securely within systems used for its processing and in accordance with the access permissions necessary for the purpose for which it has been collected. Complementing the existing mechanisms for role-based data access, the new functionality facilitates this by providing a set of dedicated mechanisms and windows facilitating management of data subjects, personal information items, purpose of data processing, data removal and anonymization, and date-controlled consent.
Secure recall/relay: Having the ability to recall and relay the data is an essential component of GDPR compliance. The new functionality facilitates this by introducing a new standard report that can be run for a specific data subject recorded within IFS Applications or IFS Field Service Management, and outputs relevant information including all data held, the purposes for which the data is held with relevant expiration dates and the legal basis to which the data and purposes comply.
Secure maintenance/removal: Three of the key requirements under GDPR are to maintain up to date records, the right of the data subject to be forgotten, and the need for the data controller to retain records for lawful purposes other than consent. The new functionality facilitates this by providing capabilities to support data maintenance processes. It provides the data controller with the possibility to clean up data, remove, or anonymize it (as appropriate), depending on the data subject’s preference or the expiration of the data retention period.
Lawful usage: Holding personal data in the system and being able to recall, report and remove data when required is essential and all of it relies on correct setup, maintenance and usage of personal information which in turn is reliant upon ease of access, visualization of data and the ability to be informed. The new functionality facilitates this by providing a single-entry point to access and control the purposes and basis for processing.