Expand my Community achievements bar.

Do you have questions about the migration to Adobe Business Platform? Come join our upcoming coffee break and ask away!
RSVP now

GDPR compliance and also Russian users

Avatar

Level 3
Level 3
1/21/19 12:12:00 PM
We are growing as an international company and have some key people that are either employees or contractors for our company in other countries. I see some hint of GDPR compliance which is good but I was unsure if that referred to the Community and Help and Training sites and NOT the Workfront application itself since each company / customer has their own instance per se. Also we have some people in Russia which has it's own unique legal constraints that suggest that WorkFront would actually have to have a server on Russian soil to be compliant. Any others with experience with this? Bill Bos IT Director Classical Conversations

Views

294

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Level 3
Level 3
1/22/19 9:22:00 AM
We too are wondering how we comply with the Russian privacy requirements. Holly Harvey Church of Jesus Christ of Latter-day Saints - Publishing Services

Views

294

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
1/22/19 4:44:00 PM
From a GDPR perspective, it all depends on what types of information specifically on EU citizens you have in the system. If none of your Workfront-using employees are EU citizens and you aren't storing any information on customers/clients in the EU, then you really don't have much to be concerned about. If you do have users that are EU citizens, think about the kind of information you store on their account. If you have them upload pictures of themselves, many GDPR experts interpret that as sensitive data which can have additional implications in case of a breach. But in general, if all you have is their name and corporate e-mail address, then even in the case of a breach there aren't a lot of GDPR specific concerns. One area to think about, most people Deactivate WF users instead of deleting them altogether. If you never delete and those old accounts are for EU citizens, then there are some questions as to whether it is reasonable for you to keep that information (even if it's just their name). You should consult your organizations electronic records destruction policy and make sure you adhere to it. Lastly, if you are using it for marketing campaign purposes and you are uploading mailing lists for the campaigns to the Documents tab, if anyone in those lists are EU citizens and WF has a breach, you would have to inform them. To me, it is a risky proposition to keep that kind of data in WF for that very reason. All that is to say, if you have information on EU citizens in WF, it should be in your Data Register maintained by the Data Protection Officer. Jason Maust McGuireWoods LLP

Views

294

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 3
Level 3
1/22/19 5:01:00 PM
Jason, Thanks for your very thorough answer regarding GDPR and the EU, it confirms what I was already thinking about how to handle EU citizens. We should be ok since we are NOT using WorkFront for marketing, just have some international employees. We may need to direct them to NOT upload profile pictures etc. Any thoughts on Russia though? Bill Bos Classical Conversations

Views

294

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Show subgroup in Users section Solved

Views

50

Likes

0

Replies

1
Best Practice for Assigning Tasks to Multiple Users

Views

35

Likes

0

Replies

0
Adding a column on a project report to show users assigned to a certain task within a project

Views

90

Likes

0

Replies

1
Trying to do a Project Report and am displaying the statusUpdate field but would like to find the date of the statusUpdate

Views

226

Likes

0

Replies

1
How to get the document content like text and pictures in Workfront fusion?

Views

88

Likes

0

Replies

1