The General Data Protection Regulation (GDPR) is only a few months old. And already, most businesses have considered and determined how the new data security and personal data protection rules will affect them. Since MARK5 is a product many businesses use to handle personal data, we have recently focused on adding features to MARK5 that help customers comply with GDPR in a nice and easy way.
Here, we provide you with an overview of recently implemented enhancements in MARK5.
Report generation of user rights and permissions
According to GDPR, businesses must be able to provide both a procedure and documentation of how to handle private data as well as who has access. In MARK5, it has always been possible to view all actions through the log function in the admin tool. But, to make the information more useful as documentation, it is now possible to generate a report of users’ access rights and permissions – making it clear who has access as well as who has been handling what data. The report can be used as documentation of who handles data in the company.
Possibility to encrypt and decrypt emails
According to GDPR, personal data can only be send through email if the email is encrypted so only the rightful receiver can decrypt the information through a certificate. Many of our customers need to send personal data, therefore encryption and decryption of emails is now possible through MARK5. The administrator can add an option to encrypt emails when possible through the admin tool and it can be specified to only concern certain email adresses where encryption and decryption are relevant.
Edit and delete rights on personal and departmental email adresses
GDPR has introduced the right to get personal data deleted after a certain timeframe, also known as the right to be forgotten, which means that the data owner has a right to get their data removed from a controller or processor.
MARK5 has been modified to comply with the delete procedure, so the administrator can customise rights in a way that allows chosen users to delete emails from chosen mailboxes. This can be customised as needed in the specific context making it easier to get data owners’ private data deleted by controllers within the company.
Possibility to schedule emails to be auto-deleted
The right to get personal data deleted after a certain timeframe forces businesses to delete emails containing personal data after a period of time – A task that can be time-consuming if done manually. To minimise the customers time spend on this, it can now be handled automatically in MARK5. Emails containing certain predefined criteria can be scheduled to be deleted automatically after a defined period of time.