How to implement a process which satisfies GDPR Europe compliance

Hello UiPathians,

I hope everyone is doing good.

I would like to understand what best practices we have to follow to achieve GDPR Europe compliance when automating any use case with UiPath.

Mainly while dealing with very sensitive use cases like tax and HR (these make heavy use of sensitive customer information like SSN, address, etc.), we are getting a lot of questions from the audit team about how we need to maintain an RPA process which is compliant with GDPR rules. If anybody has any experience or thoughts on this, please share your knowledge. Thanks.

In short:

  • the process automation has to be embedded into the overall corporate strategy
  • to the audit team you would prove
    • the overall strategy on the architecture - e.g. logs, Orchestrator records (e.g. QueueItem data…)
    • the process-related strategy - what is logged, what is stored on the filesystem

So it is not a simple “we have done it”; it is more about “challenge our work, we had it fully integrated into our procedures”.

1 Like

Thanks @ppr for your thoughts.

Currently, the sensitive information we are dealing with is not displayed in our Orchestrator logs. We also make sure that we are not keeping any files related to the process on our local drives; after processing, we are deleting those files and uploading the files to a suggested file-sharing system like Box, etc.

Other than the above points, could you share any other suggestions? Thanks.

1 Like

Hey @kirankumar.mahanthi1 !! I have this article saved in my readings. Perhaps it will be as useful to you as it was to me.

1 Like

Thanks @gabrielribas4 for your link. Appreciate your help.

Hi Tim @codemonkee ,

Could you please share your valuable thoughts on this? Thanks.