Friday 11 May 2018

GDPR Right To Be Forgotten

Mercury Systems version 278(f) sees the addition of two new routines added to the system, relating to the new General Data Protection Regulation (GDPR) beginning May 25th 2018:-

The first routine - "GDPR Single Client Deletion" - removes all personally-identifiable information from a given client record.  The client record itself is not removed, as it forms part of the 'service job' structure (which may include invoicing so must be retained for legal reasons), so instead the client name, client address, client telephone numbers and client email address / contact name fields are replaced with "*** GDPR ***".  If a customer contacts you to request their removal from your database, use this routine.

The second routine - "GDPR Multiple Client Deletion" - removes all personally-identifiable information from a range of client records where there has been no job created for the client within a given number of months.  Again, the client record itself is retained but without the personally-identifiable information.  The default value is 36 months, whilst the minimum value is 24 months.

With either routine, the client status is set to "GDPR REMOVAL" for affected client records.

The two new routines must be enabled by ticking User Rights token 10 - "Enable GDPR Removal Routines" within User Management, and then can be accessed from within Maintenance Module => Customer Routines.  Once the data has been removed, it cannot be recovered, so please only allocate this user right to trusted members of staff.

Please contact Hatchgate Software to obtain the latest software update.