When I have a GDPR-compliant information system, does that mean I do not have to deal with anything else?
This is not the case, a properly functioning information system is just one of many points that needs to be addressed before the European regulation comes into force. It is necessary to get the necessary conesnts, adjust the contracts, internal guidelines, train the employees, and set up the used information system properly with regard to the specific processes in the company. All the steps you need to manage GDPR succesully are summed up for you on our site.
Can ABRA Gen automatically recognize what data to protect and how?
No, like any information system, ABRA Gen needs to be set up and used correctly – if, for example, if there is a personal number in an item that is not intended for processing of personal numbers (eg in the IČ item) or the consent is not processed, data protection will not be guaranteed. In the beginning, it is necessary to analyze the processes in which personal data are processed and, in due course, to adjust everything that needs to be adjusted. Then the system offers a high level of security.
Do I need a consent to process any personal data? What about contracts or legal requirements?
It will not be possible to process personal data without a legal reason. Consent is one of them. Other reasons may include, for example, contract or legal requirements (for example, archiving of contracts, statutory guarantees, etc.). In the ABRA Gen system, it will be possible to record the legal basis on which the data can be handled, whether, for what purpose and for how long consent has been given, or by what legal period it is possible or necessary to delete the data. For specific settings and data handling, it is advisable to first analyze all types of data and consult the optimal course of action with a legal counsel.
Will the fields defined as personal data be automatically protected?
Defined patterns will be created that users will be able to use to work with personal information or use them for custom settings. However, it will be necessary to set the data to be protected from the outset, to determine the level of entitlement for different persons (eg other data will be seen by the salary accountants, another by the owner of the company) and to consider in advance any necessary modifications of the system according to their specific needs. For this purpose, it is best to first analyze all business processes that deal with personal data. In the basic version of ABRA Gen, the specified protection group items will be available for free, more advanced security can be addressed within an extended version of the system or customized.
Which parts of the ABRA Gen system will allow data protection according to GDPR?
Data protection will be organically growing through the whole ABRA Gen system, it can be set to all defined fields with personal data and will work the same way in the cloud or through the API.