20.05.2020 | News Two years with GDPR: How companies can close important knowledge gaps

After two years of General Data Protection Regulations, many companies are still struggling to find personal information in their databases. IntraFind explains how enterprise search technology can help them.

On May 25, 2020 GDPR has been in effect for exactly two years. In many companies, this anniversary is met with rather moderate enthusiasm, as it is often still a great challenge for them to meet the requirements of the European Data Protection Regulation. This is all the more serious as the authorities have abandoned their initial reticence after the GDPR's first anniversary. They announced that they would impose more severe penalties and put this announcement into practice.

One of the biggest problems for companies is the tracking down of personal information in view of the constantly growing flood of data. In ERP or CRM systems with their structured data storage, this information is quite easy to identify; in sources such as file shares, wikis or e-mails, on the other hand, this is much more difficult due to their unstructured data.

According to IntraFind, special tools based on enterprise search technology can help here. Modern solutions for company-wide searches are able to capture content thematically, sort data automatically and recognize relationships between data. For this purpose they come with a comprehensive AI technology stack consisting of machine learning as well as rule-based, linguistic and semantic processes. This also makes them ideal for tracking down GDPR -relevant data in unstructured data stores. Companies can thus:

Reply to requests for information: According to Article 15 of the DSGVO, anyone is entitled to ask a company whether personal data is present and, if so, what this data is. If someone submits such a request for information, all linked data can be searched and those documents can be filtered out that contain GDPR-relevant data about this person. Companies are thus able to obtain information within minutes and can easily meet the legal deadlines.

Create transparency: The data protection officers of the companies are given the opportunity to find out where GDPR-related data is stored. Based on personal aspects such as names, dates of birth, addresses, telephone numbers, email addresses or customer and contract numbers, they can, for example, output a list of the relevant documents sorted by frequency of occurrence. This can also include lists of employees or customers, whose existence was not even known, for example because they were filed incorrectly.

Manage DSGVO-relevant data.:The comprehensive overview of their GDPR-relevant data enables companies to clean up their data stocks and - if necessary - to delete or anonymize data in a systematic manner. They can also use it to complete their GDPR process descriptions. In this way, they can prove that they have taken all precautions to comply with their legal obligations using a suitable analysis tool.

"With modern enterprise search technology, companies and organizations can finally get the difficult GDPR compliance completely under control and also manage unstructured information performantly according to GDPR aspects", says Franz Kögl, CEO of IntraFind Software AG. "Many of them are already doing this and are using the iFinder GDPR, for example, to find and clean up personal data in documents and all unstructured information in addition to the support in the request for information, thus closing important GDPR-relevant knowledge gaps".