The GDPR shake up IT communities and reflections of all companies dealing with the personal data of European citizens with the approach of the 25th May 2018.

Understanding the GDPR is the start point before any compliance process. Knowing the regulations in broad outline helps to better identify needs.
But, to roughly summarize, three terms to have in mind prevail in the new regulation: Security, confidentiality and responsibility.

What Salesforce is doing about GDPR ?

Salesforce already secures citizens personal data within the application, since 1995 in order to respect the Data Protection Directive (Directive 95/46 / EC) :

  • At the network level : HTTPS encryption, firewall and IP restriction.
  • At the data level : authentication, data access control, data auditability, data encryption.

Then, Salesforce welcomes the GDPR as an opportunity to deepen its commitment to data protection.

Salesforce comply with the GDPR in the delivery of its service to their customers. Salesforce is also dedicated to helping its customers comply with the GDPR.

They have analyzed the requirements of the GDPR and are working to make enhancements to their products, contracts, and documentation to help support Salesforce’s and customers’ compliance with the GDPR. See more details about Salesforce help to GDPR compliance here.

As a exemple, the Winter release ‘18 plans to update features regarding Data Life Cycle in order to help you in data management and GDPR compliance within the CRM.

Note Salesforce provide Trailhead for free. It’s a training platform with modules relative numerous subject like Sales Cloud configuration for example, or the famous European Union Privacy Law Basics modules, that permits to better understand the challenge.

What Bluefactory is doing about GDPR ?

Even if Salesforce is secured, there is still risks about data loss. And now citizens rights are strengthened with GDPR, you should use all the technical solutions available but needed to guarantee EU citizens data security, integrity and quality.

As an efficient and proactive solution, backup strategy is largely encouraged by EU legislators to comply with :

  • Data loss prevention (GDPR Article 32)
  • Data loss detection (GDPR Article 33.1)
  • Right to access to personal data (GDPR Article 15.3)
  • Right to be forgotten (GDPR Article 17)
  • Right to portability (GDPR Article 20)
  • Data integrity & security principle of the GDPR
  • Responsibility principle of the GDPR

Moreover, Salesforce recommend such a technology in its data recovery support :
"We recommend that you use a partner backup solution"

Indeed, using Bluefactory is so a step forward GDPR compliance as data backup strategies are a way (one of the less expensive) to protect users' data from damages.

The GDPR implies logically a global understanding of the regulation in order to be compliant. As a subcontractor and thanks to its technology, Bluefactory can help you on implementing GDPR compliance.

However, note having the right technology is a step, but you can’t afford to minimize the human factor and the process within your organization in order to be GDPR compliant.