The topic of GDPR is a very ‘hot’ issue lately in the maritime companies. It’s now less than a year until the GDPR comes into play, yet many decision-makers and business leaders are still unsure of what it is and how they can prepare to make sure they don’t get stung with a heavy fine come May next year. We’ve put together this easy guide for Microsoft Dynamics NAV software in order to understand exactly what is and isn’t covered in their current solution.
The General Data Protection Regulation (GDPR) is the new EU law for the protection of personal data which will come into place from 25th May 2018. The GDPR applies to “personal data”, which includes any information relating to an identifiable person. There is no distinction between a person’s private, public, or work roles. Personal data can include names, email addresses, social media posts, location, bank details, IP addresses and cookies.
Under the new regulation, EU residents will have the right to access readily-available information in plain language about how personal data is used, access personal data, have personal data deleted or corrected and restrict or object to the processing of personal data, such as for marketing or profiling purposes. Businesses can be fined up to €20m or 4% of annual global turnover, whichever is greater, for failure to meet the requirements of the GDPR.
What can MS NAV software do to prepare?
Under Microsoft Dynamics NAV software, you already have a lot of the GDPR guidelines covered:
User IDs and Passwords:
As an administrator, create user IDs and passwords to limit access to the information in Microsoft Dynamics NAV to selected individuals. Because the Dynamics NAV database is on SQL Server, the Dynamics NAV security system and SQL Server security system work together to help ensure that only authorised users can gain access to the Dynamics NAV database. Dynamics NAV also uses a safe, encrypted connection to the data centre, ensuring security is not compromised from outside your organisation.
The Microsoft Dynamics NAV security system allows you to control which objects or tables a user can access within the database. You can specify the type of access that each user has to these objects and tables, whether they are able to read, insert, modify, delete or execute data. You can also give and take away permissions in real time, ensuring that users only access the sensitive information required for their role at the time they need it.
Microsoft Dynamics NAV makes it super easy to prove that your business complies with the GDPR. The accountability principle requires you to prove that you comply with various points on a checklist, many of which happen to be part of NAV’s basic specification. Therefore, by having implemented an up to date version of NAV, your business automatically complies with many of the stipulations of the GDPR.
The only thing more to take care of is to identify and secure any other personal data in your business. You’ll want to conduct a full audit of this – including what data is held where and how it is used. You’ll also need to make sure your staff are sufficiently trained to comply with the GDPR and are aware of what it entails.
According to a report by security firm Blue Coat, just 2% of more than 15,000 enterprise applications are GDPR-ready, Microsoft Dynamics NAV is one of them. Be ready.
Microsoft has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.