Faced with a growing regulatory burden, companies are looking not only for solutions which offer regulatory compliance as standard, but also for expertise and advice on implementing and constantly improving a comprehensive data governance model. Cegid has adopted a carefully designed approach to meet this dual requirement.
Transparency and Traceability Requirement
The contracts Cegid enters into with its customers describe both parties’ obligations. In accordance with GDPR, customers are informed in the event of attack, breach of data confidentiality or data leak or theft, and all the instructions given by customers, along with any elements proving the compliance of Cegid’s technical infrastructure, are logged in a register of processing operations.
Privacy by Design and Privacy by Default
Cegid is committed to building respect for privacy into its solutions from the design phase onwards and to offering users the highest possible level of data protection. Security is no longer optional, and it is no longer up to the customer to tick a box to opt-in to protection. Security is the now default setting. This change has been integrated into Cegid’s solutions thanks to a wide-ranging awareness-raising and training effort aimed at the staff concerned, notably developers and product managers.
The Obligation to Ensure the Security of Processed Data
Data confidentiality is now a default feature of Cegid’s offerings, and the company offers a level of security suited to the risks companies face. Cegid is committed to erasing or returning the data in its possession.
The Obligation to Assist, Warn and Advise
If the instructions given by customers do not comply with current regulations, Cegid will inform them immediately. The company is also committed to advising its customers on any issue relating to the confidentiality and security of their data, for example by explaining the difference between processing which is legitimate and does not require the end user’s consent, and processing which is non-legitimate and requires an opt-in.
Is my data really secure in the Cloud?
All SaaS offerings from Cegid have been updated to take account of the new European regulation. Minimisation and data erasure functionalities have been integrated, along with functionalities to manage users’ consent and the conservation, over time, of personal data.
Support and training will be offered to help our customers ensure their own compliance.