When technology meets regulation (GDPR) - part I

Posted by Daniela Di Noi on 6/18/18 12:08 PM

Find me on:

Our previous blog series, the 7 challenges for securing your documents under GDPR, is a vadevecum on how to manage your unstructured data under the General Data Protection Regulation.

Unstructured data are found everywhere, in emails and documents, stored on local or network drives, in the Cloud or on USB Keys. If we want to adequately protect personal data stored in these documents, the first hurdle to take is to know what kind of personal data is in which document. 

In the last months we have been worked hard, in order to provide our customers with a GDPR ready solution to:

  • Manage GDPR information: how to detect new or existing personal information across a range of locations and formats, how to apply appropriate security and protection from internal and external risks and how to manage the entire life-cycle, including sharing documents within the team or third parties. 
  • Align to business departments: From HR to Finance, to Marketing and Sales to Operations, each department will access and process personal and sensitive information. In our solution we have set up GDPR roles-based access control to personal data.
  • Monitoring and reporting requirements: Implementation of security controls, monitoring and auditing to manage GDPR content. 

In this two-articles series we would like to answer to the following questions:

  1. In a nutshell, what is the solution? 
  2. What is the technology behind it?


1. in a nutshell, what is the solution?

In this case, a video is worth more than thousands words, so we would recommend you to invest your next 15 minutes to watch our practical demonstration, to solve your GDPR challenges.




Our solution focuses on specific requirements around:

  • Clear notifications to individuals as to how data will be collected and used, and how and with whom it will be shared;
  • Specific rights for individuals to access and correct personal data, and to request that processing of personal data cease;
  • Significant obligations to secure personal data and to notify regulators and individuals of certain types of personal data breaches.


Now that the solution is clear, you may be interested in understanding the technology behind it. In the next article we will elaborate on metadata-based access control extension and how to improve Alfresco Access Control List (ACL) lists. 

In the meantime, curious to know how Wolters Kluwer is complying with GDPR? Contact us and we will be happy to share with you our customers story.




Topics: Alfresco, Alfresco Certified Technology, Metadata, Handling Documents, GDPR, personal data, content management, securing of processing

About Xenit 


Xenit is a Belgium-based IT company, official partner of Alfresco, the Digital Business Platform. Focusing on intelligent information management and passionate about productivity, Xenit enhances Alfresco capabilities with a unique approach to eliminate content chaos

Our solution Alfred is an Alfresco fully integrated suite of products for content, process and records management which can be deployed on premise or in the cloud. The solution leverages and enriches Alfresco Content and Process Services, through

  • GUI (graphical user interface): Alfred offers Windows desktop native and web user interfaces, with focus on the search experience 
  • An open set of API’s (Integration layer): to isolate business application development from Alfresco platform upgrades.
  • Storage: for multi million legal and active archive
  • Monitoring: with full and transparent reporting of errors and status


Subscribe to Email Updates

Recent Posts