In my last post we discussed GDPR and the impact it have can have on organizations that store, maintain, manage and store privacy protected information within Enterprise Content Management systems, whether they are located in the EU or not.
The same rules and requirements for personal privacy protection apply to operations that print and distribute that information. A few examples are the companies that print, mail and electronically distribute statements, invoices and other customer facing documents.
Compliance with GPDR as well as other privacy and security regulations require that organizations take reasonable and proper steps to secure personally protected information. Although certainly not trivial, there are industry recognized processes and procedures to attain this goal. What becomes more than trivial and standard is the requirement to continue to protect the information when it is sent outside the organization’s firewall.
Those organizations that send information to a print provider for production printing must continue to safeguard the information. Both the sending and receiving organizations have the responsibility under GDPR to protect the information and prevent unauthorized access. Encryption, transmission and decryption within a standardized, repetitive format can solve the challenge.
A fully composed print file can be compressed and encrypted with a public/private key combination, transmitted to the recipient print service company and decrypted only when the printer is ready to accept the print file. The use of this methodology can have benefits far beyond the security it provides as default.
This method along with the methods discussed in my earlier post can go a long way in making an organization compliant with GDPR as well as other security requirements.