CAFM & IT
HOW TO WIN CORPORATE FRIENDS AND PROTECT THEIR DATA
With the enforcement of the General Data Protection Regulation (GDPR) from 25th May 2018 and organisational non-compliance resulting in heavy fines, companies must deftly balance these new laws with providing a warm business welcome, argues Geoffroy De Cooman, Managing Director at Proxyclick.
The average British worker attends over 6000 meetings in their career and many of those are hosted on client premises. There is, therefore, a delicate balance that must be achieved between the visitor data that different departments are keen to capture and adhering to the stringent criteria laid out by GDPR. With data breaches potentially costing businesses as much as €20m or four percent of their company’s annual global turnover, FMs cannot afford a ‘chink in the chain’ when it comes to data security.
Collecting and storing a visitor’s personal data means holding personal information such as names, car registrations and contact numbers. To make sure your organisation is not in breach of the new data protection law, it is critical that robust data management systems are put in place early.
Whilst organisations are utilising the latest ‘proptech’ VMS to extend a warm welcome, it must be acknowledged that businesses will always deal with two very distinct visitor camps: those that are reluctant for any data to be held about them, particularly in the long term, and those that expect organisations to remember their details for a swifter check-in experience.
Within companies too, different departments can have very different perspectives. For example, whilst the hospitality team will insist that the check-in process must be smooth, with returning visitors needing to be able to re-use their profile for fast and personalised check-in, those in the legal departments will insist upon the deletion of visitor data after a short period.
Then there are the conflicting requirements from the compliance department, which advocates deletion of visitor data to meet GDPR, but also needs to be able to produce logs of visitor activity to remain compliant with ISO and industry certifications. Add security into the mix, which might need to access data from over a year ago to investigate a theft, and it’s clear to see why companies are currently struggling to know where to focus.
44 | TOMORROW’S FM
The paper logbook
Whilst businesses are waking up to the fact that the new law will be enforced in just a few short months, not many of them have really figured out how to ensure compliance by the May deadline - and far fewer of them realise what a threat the paper logbook might present in that respect.
Critically, GDPR introduces much stronger provisions around consent and “right to be forgotten” for the data subject. Under the new regulations, consent must be freely given, specific, informed and unambiguous to meet GDPR requirements.
The problem lies in the fact that it’s hard to ask for consent elegantly via the paper logbook. Do you ask each visitor verbally and, if so, what if your front desk teams handle a large volume of visitors and/or make an error? You could include it in writing in the logbook, but then it would be very hard to make sure it’s read by each visitor. Furthermore, it’s important to ensure that different profiles of visitors are respected: those that value ease of use and swift access (e.g. recurrent visitors) versus those that value an added level of privacy and the right not to have their data stored for a long time.
How do you ensure you only ask the right questions of each visitor with the paper logbook? After all, in the real world, each of your visitors has a unique mission and relationship with your organisation - they might be a job candidate, a delivery person, a partner or perhaps an auditor. Does it make sense to ask all of them the same questions?
With a digitised solution, these questions are far easier to solve: your visitors will only ever be asked what is absolutely necessary based on the information they provide.
A paper logbook is especially vulnerable as well as a potential vector of vulnerability for companies in the multi-tenant context. To begin with, in most multi-tenant buildings, software such as visitor management software is typically selected by the property manager, not by tenants. This results in data from visitors to all tenants being grouped (not separated by tenant) in the software, including hosts’ names (employees of all tenants). This presents a significant challenge to data privacy. In most cases, tenants do not even realise that this is happening.
www.proxyclick.com twitter.com/TomorrowsFM