What Salesforce is doing about GDPR ?
Salesforce already secures citizens personal data within the application, since 1995 in order to respect the Data Protection Directive (Directive 95/46 / EC) :
At the network level : HTTPS encryption, firewall and IP restriction.
At the data level : authentication, data access control, data auditability, data encryption.
Then, Salesforce welcomes the GDPR as an opportunity to deepen its commitment to data protection.
Salesforce comply with the GDPR in the delivery of its service to their customers. Salesforce is also dedicated to helping its customers comply with the GDPR.
They have analyzed the requirements of the GDPR and are working to make enhancements to their products, contracts, and documentation to help support Salesforce's and customers' compliance with the GDPR.
As a exemple, the Winter release '18 plans to update features regarding Data Life Cycle in order to help you in data management and GDPR compliance within the CRM.
Note Salesforce provide Trailhead. It's a training platform with modules relative numerous subject like Sales Cloud configuration for example, or the famous European Union Privacy Law Basics modules, that permits to better understand the challenge.
What Bluefactory is doing about GDPR ?
Even if Salesforce is secured, there is still risks about data loss. And now citizens rights are strengthened with GDPR, you should use all the technical solutions available to guarantee EU citizens data security, integrity and quality.
As an efficient and proactive solution, backup strategy is largely encouraged by EU legislators to comply with :
- Data loss prevention (GDPR Article 32)
- Data loss detection (GDPR Article 33.1)
- Right to access to personal data (GDPR Article 15.3)
- Right to be forgotten (GDPR Article 17)
- Right to portability (GDPR Article 20)
- Data integrity & security principle of the GDPR
- Responsibility principle of the GDPR
Moreover, Salesforce recommend such a technology in the data recovery support :
"[...] We recommend that you use a partner backup solution [...]"\
Indeed, using Bluefactory is so a step forward GDPR compliance as data backup strategies are a way (one of the less expensive) to protect users' data from damages.
The GDPR implies logically a global understanding of the regulation in order to be compliant. As a subcontractor, Bluefactory can help you understand and advise you on implementing GDPR compliance.
Note having the right technology is a first step, but you can't afford to minimize the human factor and the process within your organization in order to be GDPR compliant.