Data Centers have to be able to demonstrate compliance with GDPR: The GDPR applies to every organization anywhere in the world that controls or processes personal data of EU residents.
EU-DSGVO Compliance
für Rechenzentren
für Rechenzentren
How Beta Systems Software Solutions for Data Centers help with compliance to GDPR requirements
Personal data should be processed fairly and transparently by organizations:
_beta doc|z is a great tool for processing and managing large data volumes such as lists, documents and print data in the data center. In -beta doc|z you can configure access rights with astounding precision, even down to individual document sections. This way, you can limit the access of external recipients and corporate users to precisely those parts of large documents relevant to them.
_beta doc|z plus is the perfect solution to search, filter and retrieve data getting all the transparency about personal data by using its powerful indexing capabilities. Companies can respond to requests of individuals without delay and can hone in on relevant data, filtering personal information not pertinent to the topic litigated or investigated.
_beta log|z can be used to facilitate a transparent audit about the use of personal data in the data center by collecting log data generated on the mainframe or on any distributed platform in a company-wide-log archive.
Beta UX LogMaster to protect your logs from changes, unauthorized access or deletion – with unchangeable log archiving to ensure audit security.
XINFO (SmartIS) is an intuitive and comprehensive information system that provides you with all the IT production details you need for any given task. Smart ‘readers’ allow you to import definition or operational data from a broad selection of system/program sources and process this data as required to facilitate analysis and searches (under z/OS and Windows) for any personal data in the data center.
Use of the data should be limited to the purpose for which the data was requested:
_beta access enables companies to restrict the access to data based on “need-to-know-principle” thereby ensuring that only employees in designated roles or locations can access personal data. This also enables companies to answer requests from individuals to see how their data is being processed and possibly request to limit the processing of the data.
Personal data should not be stored for longer than necessary:
_beta doc|z is a comprehensive software solution for managing, storing and providing bulk document data on the mainframe. Archive large volumes of documents in accordance with the requirements regarding audit and legal compliance including the automatic deletion after expiration of the retention time.
Evidence of where which data of a “data subject” (natural person) are stored for how long.
(Art. 5 GDPR)
Enshrining the rights of individuals according to GDPR: This includes rights to be informed how the provided data will be used, their access to the data and how it is processed, the right to rectification of the data, the right to erasure (the right to be ‘forgotten’), to restrict processing, to data portability and the right to object to processing the personal data.
(Art. 15-22 GDPR)
On request, be able to provide data records of the requesting data subject for migration.
(Art. 20 GDPR)
Obligation that the data center has implemented appropriate technical and organizational measures to ensure and to be able to demonstrate that processing is performed in accordance with GDPR.
(Art. 24 GDPR)
The technical and organizational measures ensure that personal data is not made accessible to an indefinite number of natural persons, thereby demonstrating compliance – Data protection by Design and Default.
(Art. 25 GDPR)
Evidence that your data center has “given thought” within the framework of the GDPR.
(Art. 28 GDPR)
