How to Manage GDPR Requirements when Processing Customer Data for Covid-19

How to Manage GDPR Requirements when Processing Customer Data for Covid-19

Published by: Sinead Woods
Published date: 6th Oct 2021

As we move forward in the lifting of COVID-19 restrictions, one of the recommended measures is for certain businesses to take contact details from customers and retain them for one month in the event that someone becomes ill and contact tracing by the health authorities is required.

The Data Protection Commission has published a guide to help organisations and to give guidance on maintaining records of customers who have visited their business whilst keeping their personal data safe. See full details of what’s required under these rules here.

This has huge implications on how you track and trace the data you collect including the reasons for COVID-19 related tracing.

So how do you manage these requirements in a compliant and effective way?  

Codec Labs have developed a solution based on Dynamics 365 which will ensure your organisation is fully compliant under GDPR rules in relation to the acquisition and retention of contact data which can be applied in these circumstances.

The GDPR accelerator provides a common set of features to manage GDPR compliance with extensibility, configured for your specific requirements and designed for Dynamics 365 to ensure a seamless experience for your data controllers.

The building blocks are already in place for

  • Consent tracking
  • Security roles
  • Compliance Reporting
  • Data Retention

The out-of-the-box features of the GDPR accelerator include:

Data Subject Requests

Data Portability provides an intuitive app to serve Data Subject Requests. You can easily extract everything your organisation holds about an individual from this simple app and manage the DSR process end- to- end from a central location.

Personally Identifiable Information

Data modeler empowers your data controller to identify which data structures store PII by tagging the entity. This ability is imperative to Data Subject Requests, Data Anonymisation & Pseudonymisation modelling.

Tracking Data Processing

Compliance Reporting tracks processing activities and provides reporting that will impact Data Privacy Impact Assessment and ensures you are able to demonstrate that technical & organisational measures are in place.

Data Anonymisation

Data modeler provides configurable processes to anonymise or delete data that is considered Personally Identifiable Information (PII). This feature also supports randomised & pseudonymisation scenarios.

Rectification Requests

Helps organisations validate the identity of the requester following pre-defined internal steps to guarantee compliance, security and data accuracy.

Data Portability

Data Portability provides an intuitive app to serve Data Subject Requests with a copy of their personal identifiable Information. Data can be exported in XML and JSON formats.

Data Retention Rules

Data modeler configures Data Retention rules and schedules recurring Data Deletion/Data Anonymisation processes.

Data Security Breaches

Data Breach Management stores, monitors, documents and handles data security breaches by automating responses and notifying the responsible individual within the defined 72 hours interval.

Data Protection Impact Assessments

Out of the box DPIA survey with close-ended and customisable questions (based on best practices) to assess the risks related with PII.

Consent Management

Consent Tracking manages, stores and tracks in detail the consents that are given, rejected or cancelled by the data subjects.

About Codec Labs

Codec Labs is a division within the Codec group, set up in 2019 to deliver additional value to customers in a quick and cost-effective manner by adding features to solutions already delivered, enhancing original systems and addressing specific customer requirements while minimising customisation and code development.

As a Microsoft Gold Partner and Dynamics Partner of the Year, Codec have built up extensive knowledge and experience across the Microsoft stack which provides us with the ability to innovate and develop solutions that demonstrate real measurable value for our clients. Our innovation practice is well resourced and draws from expertise across the company to develop initiatives to meet project requirements.

The Codec Labs division has overseen the development of over 15 individual solutions or accelerators that can be used within specific environments.

Find out more about Dynamics 365 for GDPR here.

Find out more about other Codec Lab accelerators here.

To request a consultation to discus your specific requirements click here.