Currently, most business organizations and their marketing teams follow the practice of so-called data maximization, that is, collecting as much data about users as possible, sometimes even before they know what for, how and when they will use that data. In addition, they will extract as much value as possible from that data, reuse it for different purposes, or simply sell it to another company.
One of the most important provisions of the GDPR is the principle of data minimization: business organizations should collect only the smallest possible amount of personal data, for the shortest possible period, and delete it immediately after that personal data has been used for precisely defined purposes.
Read more about the concept of data minimization and how OpenText is preparing for the GDPR on the official OpenText GDPR pages.
GDPR is on the very doorstep. This new strict regulation enters into force on 25 May this year and imposes strict rules not only on companies from EU countries, but also on companies from other countries of the world that do business in the EU or have some business relationship with EU residents.
The regulation is designed to harmonize privacy matters across the EU, to define stricter privacy rights with the aim of achieving a balance between privacy and security, and to prescribe an explicit obligation for all who process data and all who control the processing of data to comply with GDPR when carrying out their tasks.
Companies would do well to consider and apply the concept of „Privacy by Design“, which seeks to build privacy principles into best practice, systems and programs. The key principle of „Privacy by Design“ is that privacy rights are protected and enforced by default, with the aim of reducing the risks of privacy violations in advance.
From the perspective of software solutions and business process design, this means that this concept should cover:
The Documentum content management platform is a powerful solution that enables business organizations to develop and use robust business applications. Companies invest significant resources in the Documentum platform in order to simplify key processes, optimize business operations and align their business with corporate and industry regulations. Business applications are connected in complex ways to a massive, constantly growing amount of business-critical information.
Protecting such information from corruption and loss is vital; however, effective backup and recovery can be complex because of strict service-level regimes and the complex relationship between content and metadata.
More than 85% of all electronic business transactions take place using electronic data interchange technology (EDI - Electronic Data Interchange).
What is EDI?
EDI is the exchange of business documents between computers. It is the exchange of documents such as purchase orders and invoices, in a standard electronic format, between business partners who do business with one another. In today's business environment, EDI is the most commonly used technology for B2B electronic commerce. This technology is changing the rules of the game in all industries and is the lifeblood of many successful business organizations.
Whether EDI is new to you, you are looking for a way to round out your knowledge, or you need a simple explanation for your colleagues of the benefits EDI brings, the EDI Basics eBook is for you. Please download it at the link.
In May 2016, a new EU Regulation and Directive was released to govern the protection of personal data, the General Data Protection Regulation (GDPR). It will enter into force after a two-year grace period in May 2018. That leaves just a little more than one year, and enterprises need to start evaluating what it means for them and how they need to prepare.
As stated on the European Commission website: “The objective of this new set of rules is to give citizens back control over their personal data, and to simplify the regulatory environment for business.”
Data protection laws are nothing new in the European Union. However, the new GDPR rules bring some significant changes to current data privacy regulations. For one, what used to be a directive is now a regulation with the full force of law, valid across all EU countries. And despite BREXIT, the UK government has confirmed that the UK will implement GDPR (read the UK Information Commissioner’s blog on this topic).
The other important aspect is that GDPR now imposes substantial fines upon individuals and enterprises that do not adhere to the law. Minor breaches will be fined up to 10 Million EURO, or up to 2% of the total worldwide annual turnover of the preceding financial year for a business, whichever is higher. Major breaches will be fined up to 20 Million EURO, or up to 4% of the total worldwide annual turnover of the preceding financial year for a business, whichever is higher. And it should be re-emphasized that the turnover is not just the turnover of the EU located part of the enterprise, but the worldwide turnover of the enterprise.
Protecting Personal Data of EU Citizens – What does that mean?
As GDPR protects the personal data of the citizens of the European Union, it imposes duties upon enterprises that collect and manage personal data. These entities are called “Data Processors”. Data processing entities located in the EU are subject to GDPR, but so are companies outside the EU that process personal data of EU citizens. So the regulation also applies to non-EU enterprises: EU GDPR requires compliance outside of the EU as well (EU GDPR applies to non-EU companies with contact points to the EU).
Collecting and processing data is legitimate as long as it serves a justified purpose, as defined by GDPR, for example “if data processing is needed for a contract, for example, for billing, a job application or a loan request; or if processing is required by a legal obligation …”
Such justified purposes for storing and retaining personal data are, for example, laws that govern retention of content, such as tax relevant data and documents, where retaining the scanned vendor invoice or a customer bill is not only justified but an obligation.
What is the relevance of GDPR for Day-to-Day Business Processes?
There is personal data processed and stored during the course of day-to-day business processes that relates to business partners, such as customers and suppliers, in the procure-to-pay processes as well as order-to-cash process. To give some concrete examples, let’s now take a look at an enterprise that uses SAP ERP to manage their processes and OpenText to attach business documents to these processes.
It is of course not just about the data created and stored in the SAP database of the leading enterprise application (ERP, CRM, …); it is also about the business documents that are captured during this process. Take, for example, an incoming vendor invoice on paper, which is scanned, attached to the transaction via ArchiveLink and then securely stored on the OpenText™ Archive Center. Or, in the example of an order-to-cash process, an incoming sales order and a delivery note to a client, which are linked to the SAP order and stored in OpenText.
In May 2018, GDPR will start to apply, following a two-year transition period to allow the public and private sectors to get ready for the new rules.
So how should enterprises prepare and get ready for GDPR?
With regard to storing personal data for a justified purpose, enterprises need to set up policies and procedures, not only to retain content as long as they are obliged to by law (such as taxation or product liability laws), but also to delete content in a timely fashion when it is no longer needed or the justified purpose for retention has expired.
Learn more about OpenText’s capabilities to support GDPR requirements in the SAP environment in a forthcoming blog post, and also by reading our other blog entries here and here. You can also visit our web site and learn how OpenText EIM offers capabilities that can help customers prepare for GDPR, or listen to our webinar.
Arizona-Based Company Offering Independent Primary Care Enhances Security, Service and Speed of Health Information Exchange
Waterloo, ON – 2018-1-9 – OpenText™ (NASDAQ: OTEX, TSX: OTEX), a global leader in Enterprise Information Management (EIM), today announced that Premier Medical Group, a rapidly growing company offering independent primary care to the Arizona community, has chosen OpenText to help enhance security, service and speed of patient information exchange. Using OpenText™ RightFax™ with OpenText™ RightFax™ Connect, Premier Medical Group is able to deliver a secure and scalable, hybrid fax solution, leveraging the OpenText Cloud.
Based in Phoenix, Arizona, Premier Medical Group has experienced rapid growth, adding multiple healthcare practices to meet the area’s growing healthcare needs. With plans to add more independent practices in the coming months, Premier Medical Group needed to change its existing fax solution to meet the needs of its increasing healthcare provider base. To optimize operational efficiency and enhance patient care, the group replaced its outdated and outgrown fax system with OpenText RightFax with RightFax Connect, a secure, scalable and cost-effective digital fax solution.
“When filling prescriptions, patients want them waiting at the pharmacy five to ten minutes after leaving our office. If their prescription is not there, we start getting calls,” said Dr. Sunny Maheshwari, executive board director at Premier Medical Group. “With only two desktops with modems in our server room for incoming and outgoing faxes, staff were left waiting to use the single phone line for each prescription. We needed a solution that could handle multiple faxes at the same time, especially during peak business hours.”
Premier Medical Group selected RightFax, the centralized fax server solution from OpenText, which integrates with desktop and business applications to help enable secure, high-volume and automated faxing capabilities. Premier’s need for a simple, scalable and cost-effective solution led them to add on RightFax Connect, which combines cloud-based fax delivery with the on-premises RightFax server for an end-to-end, hybrid fax solution.
Dr. Maheshwari continued, “The security of patient health information was a key concern for us. Incoming faxes were being stored on our servers, which meant independent servers were floating around holding patient data. OpenText offers a secure system with centralized servers and all the documents in one location to help mitigate this risk and meet HIPAA compliance.”
RightFax Connect eliminates the time and cost of configuring, troubleshooting, and implementing fax boards, gateways, capacity planning, channels, and phone lines, and instead takes the telephony component to the cloud. In addition, the solution delivers flexible cloud faxing that scales automatically to provide capacity for large fax volumes, including bursts and peaks. The ability to integrate with the company’s existing applications was another deciding factor in selecting OpenText. As the leading fax server in healthcare, RightFax integrates fax with email, electronic medical record systems (EMRs), desktop and document management applications, and enables high-volume, automated fax delivery from CRM, ERP, ECM, vertical and other host applications. In particular, Premier Medical Group needed tight integration with its EMR, NextGen healthcare applications.
“Cost is one of the most important differentiators because, at the end of the day, people count every penny. The OpenText solution was far more cost effective,” said Dr. Maheshwari. “The level of integration with NextGen was also really important to us, and OpenText certainly delivered on that.”
“The RightFax Connect solution was a lot more scalable to accommodate the growth we are experiencing. Rather than allocating four ports, six ports, eight ports, or 16 ports for fax volume capacity—we didn’t really know how many we actually needed—it was better to go with a solution that is implemented in the cloud by OpenText,” explains Maheshwari.
Dr. Maheshwari added, “With OpenText Professional Services our transition to the RightFax solution was easy. It has been a smooth and seamless transition. RightFax has saved us time to do some of the things that we needed to do. The biggest benefit to an owner is a minimal number of hiccups, because any time a hiccup occurs, it always goes right to the top. With our deployment of OpenText, no issues were brought to my attention, meaning we had a successful launch and ongoing deployment of these solutions.”
With the powerful simplicity of cloud-based telephony, the company can now send and receive multiple faxes at the same time. In addition, the solution helps keep the content secure with encryption at rest and in transit.
“With medicine, every day is a challenge. There are new things that come up, whether it is HIPAA requirements, secure faxing, or patient compliance. Trying to partner with the right company is important to our organization to make sure that we have the ability to scale; do things in a clear, systematic manner; and make sure resources are available so that as we grow, we can troubleshoot problems and address them. With OpenText, we do not have to worry about patient data sitting somewhere and worry about what needs to be done with that; that is very beneficial. OpenText was the right partner to go with, and I think we’ll continue to grow together as we expand and take advantage of the resources that OpenText has for us,” concluded Maheshwari.