Data protection according to GDPR in a document management system

Updated on
Duomenų apsauga pagal BDAR dokumentų valdymo sistemoje

Document Management System (DMS) compliance with GDPR requirements is ensured by the following measures:

  1. Data search mechanism and tools for working with search results. This allows for prompt responses to inquiries about stored personal data.
  2. Data deletion mechanism that ensures no personal information that should not be stored by law is retained.
  3. Functionality for formal processing of inquiries about personal data held.
  4. Tools for managing user consents.

Data search mechanism in the document management system

The data search mechanism and tools for working with search results allow for prompt responses to inquiries about stored personal data. The mechanism works due to the following DMS functionalities and automated processes:

  • Configurable data search rules that allow for quick selection of data based on predefined criteria (Name and surname, email address, personal identification number, residential address, phone number, etc.).
  • The rules allow to describe in which records and metadata sensitive information is stored. It is possible to search not only by metadata in specific types of attributes, but also by specifying that the information sought may be anywhere (including in attached files).
  • Selected data is presented to the employee who performed the search. They can view it, open the corresponding records, make notes, remove them from the list of selected records. There are tools to generate a report on stored information (in .xls format) and the ability to export selected record files by creating a single zip file, which is sent to the workstation. Then the responsible employee can formulate a response to the person who sent the inquiry, providing the information held about that person. Each performed search query is archived in the event history log. The administrator can set the query retention period and actions after the retention period expires (delete/archive). The number of configurations is unlimited. Responsible employees can anonymize information in records. Anonymized information is encoded without the possibility of decoding it.

Data deletion mechanism

The data deletion tools in the DMS system ensure that no personal information that should not be stored by law is retained.

DMS functionality for implementing this mechanism:

  • Configurable rules for selecting data for deletion, which define how data is selected. It is possible to search in metadata, content, and attached files. Data can be deleted automatically or require confirmation of deletion.
  • Each configuration has responsible employees who are informed about the selected data for deletion/must confirm that the data should be deleted. The deletion action is logged (records of deleted data remain). It is possible to declare individual records or groups of records as non-deletable/not selectable for deletion.

Processing of personal data in the DMS system

The DMS system offers the ability to manage the personal data processing process, which can be modified as needed. The process is as follows:

  • An inquiry is received.
  • A task is created with a responsible person for providing a response.
  • The responsible person formulates a response to the inquirer and uploads a report with the response (or a link to an official document sent as correspondence) to the task.
  • The task is completed.

The formal process allows for easily accessible information about inquiries, responses, who collected the information, what information retrieval queries were performed, what the results were, what response was sent, and how long the entire process took.


User consent management

The DMS system allows for managing user consents and processing personal information. Users fill out consent forms, and responsible employees are informed about the filled forms. Consent forms can be of different types depending on what information needs consent for management or where the information will be used. Users can change their consent information. When changing information, a form with previously filled data is provided, and the user only changes the desired fields. Responsible employees are informed about the completed changes.

If the opinion changes, the previous version of the consent becomes invalid, and the newly filled form becomes valid (the valid form has a section showing all previous (invalid) versions of consents). The reporting service allows responsible employees to generate consent reports.

Lists are provided, showing valid consents by consent types, users, etc. Responsible employees have tools for initiating mass (and optionally selective) filling of consent forms. There is also the option to leave form filling as a self-service element for users.

If necessary, the system can send reminders to those who have not yet filled out consent forms.

If you are interested, please contact us, and we will be happy to tell you more!

Updated on

Read more