Friday, 27 April 2018

GDPR and what it means for Alpha Tracker asbestos software users

All UK businesses have been wrestling with GDPR (the new General Data Protection Regulation (GDPR) (EU) 2016/679) and what it means to them.

In particular, Alpha Tracker asbestos software users will be wondering what we have in store so I thought a blog would be useful to summarise the 6 key GDPR principles and where we are making software changes to suit.

Please note - if all your Alpha Tracker asbestos consultancy work is "business to business" then GDPR is less relevant to you.  But... if you do any asbestos surveys, re-inspections or removals at domestic premises and store personal information including names & addresses of homeowners or tenants then you need to take careful note of GDPR!

1 Rights of Individuals

There are a number of new rights for individuals enshrined within GDPR.  For example, there is a "Right to Erasure" or "Right to be Forgotten" and a "Right to be Informed" about what an organisation stores about an individual.

In the next Alpha Tracker release, we have new features to help your staff to deliver these rights.

2 Right to be Informed

Businesses need to make sure that people understand what is being stored about them and why.  They will also need privacy policies to meet the GDPR requirements.

In Alpha Tracker, we will enable you to link the software to your policy so your admin and customer-facing staff have easy access to it.

3 Right to Erasure (“Right to be Forgotten”)

This allows individuals to request that their personal data is removed from an organisation's systems.

The next release of Alpha Tracker has a feature designed to make this quick and easy to do.

4 Data Protection Officer (DPO)

Businesses will be required to appoint a DPO to help them comply with all their obligations under GDPR.

Alpha Tracker will enable you to store the details of the DPO in the system so that customers and staff can easily identify the person responsible.

5 Obligations on data processors

There are new obligations on organisations to keep data more secure.

We will be offering our Alpha Tracker customers enhanced security features including, for example, the encryption of all data held within Alpha Tracker and moving server data centres to facilities with the highest possible security standards.

6 Data Protection Impact Assessment and data breach response

If there is a data breach, the GDPR regulations insist that organisations follow a specific, thorough process in response including identifying individuals affected and notifying the appropriate authorities.

In all of the years we have operated Alpha Tracker, we have yet to experience a data breach. We are not complacent, though, and we will continue to focus on server and software security as a priority.  We have also updated our procedures should we become aware of a data breach.  

1 comment: