James Thew - Fotolia

Tip

Free GDPR tool for SharePoint aids data privacy compliance

A free, open source tool for SharePoint helps admins build a GDPR management hub to comply with the EU's data privacy law.

The European Union's General Data Protection Regulation requires organizations that maintain personal data to comply with its data privacy rules. Compliance with the law will be a massive undertaking for many companies, but there are GDPR tools to help.

Under this new regulation, companies must have data security measures in place to protect their customers' personal data by May 25, 2018.

Organizations already using SharePoint can use it to help manage the overall planning and execution of activities, tasks, events and documentation related to GDPR. What's more appealing to many organizations is the existence of a ready-to-go GDPR tool for SharePoint that can help manage data privacy projects.

A free, open source SharePoint tool called GDPR Activity Hub on GitHub is an open source starter kit for building a management portal for GDPR compliance. While the initial project was uploaded in June of 2017, the code has continued to receive updates and feedback from the developer community.

SharePoint administrators can easily deploy the GDPR tool by following the instructions available within the setup guide. Once successfully deployed, employees charged with GDPR compliance can begin to use the platform.

The GDPR Activity Hub includes the following functionalities:

A GDPR summary page. The first landing page of the GDPR tool includes several key performance indicators that highlight the current state of the organization's compliance, as seen in Figure 1.

GDPR Activity Hub summary page
Figure 1

SharePoint lists to track activities and events. As part of tracking the status of different events related to reported security incidents, data consents, archival and processing, the site offers end users a customized form that captures all the relevant information related to each type of event. This information is then used to drive some of the scores available within the main summary dashboard, as seen in Figure 2.

Incident or event entry page in GDPR Activity Hub
Figure 2

SharePoint list to track data action requests. Under GDPR, EU citizens can request copies of their data, and, under the right to be forgotten rule, they can demand that it be deleted. To track those specific requests, the portal offers a customized SharePoint list that can act as a request repository to help maintain visibility, as seen in Figure 3.

Activity Hub inquiry portal
Figure 3

Request and task management for GDPR processes. Another tool in the GDPR Activity Hub is the task management component, as seen in Figure 4. This section of the platform offers a way for different participants in the GDPR process to assign tasks associated with requests, compliance or documentation to team members. With this native SharePoint functionality, GDPR managers can ensure that deadlines are met and different team members have tasks assigned to them.

GDPR Activity Hub task management component
Figure 4

While there are several commercial compliance and assessment tools, and some others provided by Microsoft in Compliance Manager, the SharePoint GDPR Activity Hub provides a quick and easy way to manage and support all the GDPR requirements.

For those administrators who may still be on the hunt for a GDPR tool to support them on their way to data privacy compliance, this open source offering is a great option.

Dig Deeper on Information management and governance