The General Data Protection Regulation (GDPR) is new legislation put into place by the European Union to strengthen data protection by regulating how organizations and individuals obtain, store, use, and dispose of personal data. Higher Logic's GDPR tools help support your organization’s compliance with the new GDPR regulations that went into effect on May 25, 2018.
In this article, you'll learn how you and other admins can use these tools to manage compliance within Marketing Automation Professional (MA Professional).
Other GDPR Resources
GDPR went into effect on May 25th, 2018. This law not only focuses on consent, but also individuals' data and their rights. It's important for organizations to assess what changes need to be made in order to comply with GDPR (for controllers and processors of data). Listed below are resources to help you get started.
NOTE: If you have questions for our compliance team, create a case and we'll do our best to assist you.
- Higher Logic GDPR support
- How to Prepare for GDPR
- Introduction to the EU GDPR
- GDPR Roundtable Recorded Webinar
Data Deletion Process Overview
MA Professional users cannot delete their own Personally Identifiable Information (PII); instead, they must request to have an admin do it for them.
Higher Logic facilitates an individual's data-deletion request via a combination of anonymization and deletion of personal information and activity within MA Professional. This includes deletion of PII and nulling out fields (but maintaining a unique identifier for that specific record). In some cases, Higher Logic may even anonymize specific PII or activity data.
Managing Compliance in MA Professional
Admins can manage deletion requests within the Professional from the Manage Compliance page, located in the Admin interface:
- Hover over Admin (gear icon) in the side menu.
- Click Compliance.
From here, you can search users by entering their name and clicking Go. In the search results, the following data-management options are available for each user:
Details & History
In cases where search results return more than one individual with the same (or similar) name, the best practice is to view the user's details to ensure you're managing the correct user before accessing a data audit report or performing a deletion request.
Request Data Report
Requesting a data audit report takes about 24 hours for the system to process; it will then be available on the View Request History page, containing the individual’s personal information and all of their contributions/activities within Professional.
Delete Individual Data
Selecting this initiates a data-deletion request, whereby the system automatically erases an individual’s personal data through a combination of deletion and anonymization.
Tracking Deletion/Audit Requests
You can view all data-deletion and data-audit requests, and their statuses, from the View Request History page, accessible from the Admin > Compliance page. Requests currently in progress are indicated as such, while admins can view reports about completed requests at any time.
NOTE: Once a data-deletion request is complete, the associated individual will no longer appear on the View Request History page.