
How an intranet helps you become GDPR compliant

An intranet is a company network, website or application that is used for internal communication and knowledge sharing. There is an increase in the use of more modern solutions, as an intranet can streamline communication and planning in the company, engage employees and increase productivity. But in addition to this, an intranet can also help you meet the requirements of the forthcoming General Data Protection Regulation (GDPR), which will come into force on May 25th, 2018. If you are unsure of what the GDPR is, you might want to read this article as it gives you an introduction to the General Data Protection Regulation and what it requires from your company.

So how can an intranet help your company meet the requirements? The new general personal data regulation has more stringent requirements in regard to internal communication and file sharing, which is where a solution such as Ziik can help your company towards becoming compliant.

Some of the requirements are the following:

  • Customer data may not be discussed on public forums
  • The company must have control of all data
  • The company must be able to delete all data about an employee if requested to do so by the individual
  • The company must be able to block access to information for users who no longer need it, for example because they have left the company
  • The company must make a written agreement with its data processor(s)

An intranet gives companies control over data

An intranet can help separate personal and work life completely. Since customer data must not be discussed in public forums such as social media, it is important that employees’ private solutions are not used in a professional context, for example to discuss topics that concern your company or your customers.

The company must also have control over all the data, which will be difficult - if not impossible - if the company's employees use other means of communication than what is determined by the company.

An intranet makes it easy to delete or block data

As a company, you must be able to delete all data about an employee if the employee requests it, for example when the employee leaves the company. This principle in the General Data Protection Regulation is called "the right to be forgotten", and also applies if customers ask the company to delete all data about them. If you use an intranet, it's quick and easy to delete all the data about an employee with a few clicks. With Ziik, you only need to delete a user in a single location and it will be removed from all platforms, including desktop and the native app.

The company should also be able to block access to data for users who no longer need access - for example for employees who no longer work for the company. An intranet also has the advantage that you can document your processes more easily and make sure that employees only see what is relevant to them. This is due to a hierarchical structure that is important if you want to segment between the different levels of the business. Ziik has a news feed where, when you post an update, you can choose which groups can see the entry. The groups can be based on countries, stores, or even the company's function - it's tailored to what best fits the business. There is furthermore a read and confirm function, which gives you the comfort that the message has come across.

Keep track of documents and data processing agreements through your intranet

A data processing agreement is an agreement between the data controller and data processor. If you have any doubts about your role, read this article about the General Data Protection Regulation and its most important actions. In short, if you use a third party, a data processor, such as a collection agency, or an IT supplier like Ziik, you need to make a data processing agreement with them. A data processing agreement is a written agreement, which must be signed by both parties. If you make use of an intranet like Ziik, it will also reduce the use of third parties as everything is combined into one. You can read more about our policies or write to us for more information.

An important thing to keep in mind regarding GDPR is that in addition to controlling the processes of collecting and processing personal data, you must also be able to document your processes. By using an intranet where you can upload documents and manuals, you can document these processes and make sure that the relevant employee knows the procedures. These processes can also be further supported by the read and confirm function.

To learn more about GDPR and how Ziik can help you, contact us here or at hello@ziik.io
