• :
  • :


Including a FREE 3 user network Document Management system with each scanner


GDPR is the European Union General Data Protection Regulation. The GDPR will apply to any entity offering goods or services (regardless of payment being taken) and any entity monitoring the behaviors of citizens residing within the EU. Companies are now directly responsible for data protection compliance wherever they are based (and not just their EU-based offices) as long as they are processing EU citizens’ personal data..

The regulation is due to be implemented and become law on 25th May 2018. The regulation will replace all data protection legislation in EU member states including the UK’s Data Protection Act 1998.

Non-compliance of the regulations can entail a fine of up to €20 million or up to 4% of turnover.

This news item is not intended as a guide to GDPR but to show how some of its main requirements can be achieved using File Stream Document Management.


Data Protection Officer

A Data Protection Officer is recommended for many larger enterprises especially in the Public Sector. The Data Protection Officer has the overall authority to set up and manage the GDPR

File Stream - The Data Protection Officer will be the, or one of the, controllers of the File Stream Document Management system. The Data Protection Officer will therefore be able to decide on privacy settings, retention times and all aspects of personal information held by the organisation. The one act of installing File Stream resolves nearly all the requirements of the GDPR.

Controllers and Processors

Controllers establish the data policy and Processors carry the policy out.

File Stream - Controllers can have all or some administrator rights in setting up File Stream. The Processors can also be given varying degrees of permissions as to what documents they have access to and what functions they can perform on those documents.

Document Retention and Right to Be Forgotten

File Stream - Enables comprehensive retention policies to be set for all documents with destruction dates and automatic notifications of when they are to be destroyed

Data Breach

Data breaches must be reported within 72 hours to the DPA (Data Protection Authority)

File Stream - Can help trace the source of a data breach by looking at the document audit trail and revision history to see who accessed the document and what they did with it.

Data Portability

The necessary transfer of data from one source to another.

File Stream - Documents can be made available for export in a variety of ways:


Data Protection must be “Designed In” and a PIA (Privacy Impact Assessment) made. Privacy against unlawful access is especially important for Payroll and Customer information.

File Stream - Has Data Protection designed in:

Records of Processing

Records must be kept when personal data is processed. Also, staff training levels and accreditation levels can be monitored.

File Stream - Information such as date entered / date modified / operator / document history / email properties are automatically kept. File Stream is regularly used as a solution for keeping all staff detail including accreditation status. An in built diary can be used to notify managers when staff accreditations need renewing.


Records need to be kept with consent for data held especially employee data.

File Stream - As these consents are generated (email / fax / Office doc / scanned paperwork, etc), they can be stored securely and easily in File Stream.