When technology meets regulation (GDPR) - part I

Posted by Daniela Di Noi on 6/18/18 12:08 PM

Find me on:

Our previous blog series, the 7 challenges for securing your documents under GDPR, is a vadevecum on how to manage your unstructured data under the General Data Protection Regulation.

Unstructured data are found everywhere, in emails and documents, stored on local or network drives, in the Cloud or on USB Keys. If we want to adequately protect personal data stored in these documents, the first hurdle to take is to know what kind of personal data is in which document. 

In the last months we have been worked hard, in order to provide our customers with a GDPR ready solution to:

  • Manage GDPR information: how to detect new or existing personal information across a range of locations and formats, how to apply appropriate security and protection from internal and external risks and how to manage the entire life-cycle, including sharing documents within the team or third parties. 
  • Align to business departments: From HR to Finance, to Marketing and Sales to Operations, each department will access and process personal and sensitive information. In our solution we have set up GDPR roles-based access control to personal data.
  • Monitoring and reporting requirements: Implementation of security controls, monitoring and auditing to manage GDPR content. 

In this two-articles series we would like to answer to the following questions:

  1. In a nutshell, what is the solution? 
  2. What is the technology behind it?


1. in a nutshell, what is the solution?

In this case, a video is worth more than thousands words, so we would recommend you to invest your next 15 minutes to watch our practical demonstration, to solve your GDPR challenges.




Our solution focuses on specific requirements around:

  • Clear notifications to individuals as to how data will be collected and used, and how and with whom it will be shared;
  • Specific rights for individuals to access and correct personal data, and to request that processing of personal data cease;
  • Significant obligations to secure personal data and to notify regulators and individuals of certain types of personal data breaches.


Now that the solution is clear, you may be interested in understanding the technology behind it. In the next article we will elaborate on metadata-based access control extension and how to improve Alfresco Access Control List (ACL) lists. 

In the meantime, curious to know how Wolters Kluwer is complying with GDPR? Contact us and we will be happy to share with you our customers story.




Topics: Alfresco, Alfresco Certified Technology, Metadata, Handling Documents, GDPR, personal data, content management, securing of processing

About Xenit 


Xenit is a Belgium-based IT company, focusing  on content services solutions, and covering all document-related business processes, from data migration to digital archive to hybrid/cloud hosting solution, to help organizations get control of their information. Premier Partner and System Integrator of Alfresco Digital Business Platform, Xenit has more than 10 years of experience in Alfresco Content and Process Services.


Subscribe to Email Updates

Recent Posts

Posts by Topic

see all