If you are a global company that does business with any of the 28 countries that make up the European Union, you are no doubt focused on what is required to comply with the General Data Protection Requirement (GDPR) set to go into effect in May of this year.
If you’re not familiar, GDPR is a new regulatory scheme for data protection that will have a substantial impact on consumers and businesses worldwide. If you’re marketing to EU consumers and are not familiar with GDPR compliance, now is the time to learn more … and do all you can to prepare. (For more information on GDPR, including specific tips for improving compliance, please review our series of blog articles on GDPR.)
What is GDPR?
The GDPR is a replacement for what has been a patchwork of national legal frameworks governing the protection of personal data. It is intended to strengthen and unify data protection for individuals living in the EU.
For businesses, GDPR imposes new obligations and responsibilities — regardless of where they are in the world — on how personal information is used and processed. European consumers will gain new rights and controls over their personal data, including the so-called “right to be forgotten.” In short, GDPR could lead to more questions than answers and businesses will inevitably encounter new challenges as they consider the best ways to comply.
How PDF security closes compliance gaps
Clearly, there are many compliance mandates associated with GDPR, and a few can be addressed with a tool many of us probably don’t think of when it comes to GDPR compliance: PDF software.
While many people assume PDF documents are secure, this assumption is actually a false sense of security. The truth is PDFs can be infected just as easily as other file formats, such as Word and PowerPoint. With the right set of PDF tools, you can improve the overall security of PDF documents and address GDPR mandates for data protection and consent. Here’s how.
GDPR is in part meant to ensure consumer information does not fall into the wrong hands. Effective PDF tools help provide a secure framework for reliable document workflows, from PDF creation and editing to archiving and deletion.
This helps companies guarantee the safe passage of consumer information throughout the organization’s network. Many tools like Nuance’s Power PDF™ provide additional layers of security by encrypting PDF documents using industry-standard AES encryption. Word documents are also protected when saved as PDFs.
Personal information redaction
Many PDF tools also support GDPR compliance by automating personal information redaction. Documents delivered via email, printer and copier are closely monitored for personal data which, when identified, is automatically redacted to ensure the safety of the customer’s personal information.
With many PDF tools documents can be signed and authenticated to guarantee authenticity and information integrity. For example, Power PDF supports PKCS#7 and CAdES cryptography standards for signing and certifying documents. Digital signatures can also be used to capture consent from consumers before personal information can be processed, as required by GDPR.
Unauthorized access protection
In Nuance’s Power PDF solution, this function enables administrators to define access rights via Microsoft’s Rights Management interface and to apply them to PDF files. This works both directly using Power PDF and also in SharePoint workflows. It is an effective method of protecting PDF documents against unauthorized access, satisfying GDPR requirements.
Are you GDPR compliant?
The GDPR compliance deadline is approaching fast, and carries stiff penalties for those companies who fail to satisfy the requirements — fines up to 20 million Euros or four percent of a company’s worldwide revenue. Make sure you understand what’s required. Find information on GDPR compliance on our blog to help you get started.