2,299
edits
Changes
no edit summary
This feature will allow you to tailor highly specific security and data retention policies to different classes of data. You are able to apply any number of policies to a category.
||
* [https://gdpr-info.eu/art-30-gdpr/ (30)(1)(e) Categories of Personal Data]
* [https://gdpr-info.eu/art-25-gdpr/ (25)(2) Technical and Organisational Measures; demonstration of purpose]
|-
||'''Data Retention Policies'''
||A data retention policy defines how ''long'' your organization will need to retain the data of this category in the system before it is erased. A data retention policy can be placed on any field in the system, and the erasure will be completely automated. Retention is based on the number of months or days after a specific date.
||
* (5)(1)(e) Storage Limitation
* (5)(1)(b) Purpose Limitation
|-
|| '''Data Security Policies'''
||
A data security policy defines who can see and/or modify the data of this category in the system.
Security policies support [[SmartSimple]]'s [[Role Based Security|role-based security]]. We can configure your security policies to help you achieve the principle of '''principle limitation''' and '''integrity and confidentiality''' by ensuring that only those who need to access data for legitimate, specified purposes will be allowed to do so.
||
* (5)(1)(b) Purpose Limitation
* (5)(1)(f) Integrity and Confidentiality
|-
||'''Pseudonymization'''
||
'''Pseudonymization''' allows you to mask personal data fields, so that the data you retain on an individual is rendered unidentifiable.
Pseudonymization allows for a nuanced approach to data management. Deleting a entire [[Profile|profile]] and all the data associated with a person is often unnecessary and will create gaps in [[Reports|reports]]. Utilizing pseudonymization enables you to render specific [[Standard Fields|fields]] unidentifiable, retaining the effectiveness of long-term reporting while meeting data retention requirements.
||
* (5)(1)(e) Storage Limitation
* (5)(1)(f) Integrity and Confidentiality
* (5)(1)(b) Purpose Limitation
|}
|}