Meeting the Need
The General Data Protection Regulation (GDPR) initiative has placed a significant responsibility on all companies within the EU in terms of ensuring the proper handling of private customer data. Enterprises are now required to attend to customer requests to exercise their GDPR-bestowed rights, such as the right to access, right to erasure and right to data portability.
The implementation of large-scale regulations, such as the GDPR, requires that organisations address how such compliance measures will impact their day-to-day operations. Critical factors to consider on the path to compliance include how regulations affect organisational workflow, internal & external communications and employee collaboration.
iCasework, an independent UK-based company with over 18 years of experience in enterprise case management, offers a robust platform that has been specifically tailored to the requirements that the GDPR entails.
iCasework’s Case Management Platform offers a robust, comprehensive environment designed to handle all aspects of GDPR-related requests. Our approach to effective case management is based on a strong focus on case workflow, secure communications and configurability.
The Case Management Platform features a highly intuitive, straightforward workflow that facilitates an easy transition from one stage to the next in terms of managing GDPR-related cases. We offer a high level of configurability that empowers your enterprise to fully control workflow accessibility based on your business requirements.
Our solution offers multiple customisable user types that enable access to functionality based on their role within your organisation. For example:
- Frontline Users (e.g., from a contact centre) may be able to create new cases, but have limited capability to work on them;
- Case Handlers can have varying degrees of access to increasingly complex case management features; and,
- Power Users, such as administrators and management, would have access to the full array of functionality such as reporting, analysis and internal performance metrics.
Unlike generic case management systems, iCasework’s Case Management Platform is designed specifically to manage GDPR related cases. Whether via e-mail, contact centre staff input or a website form, customers have multiple options to initiate requests.
On receipt, the solution automatically assigns a unique case number and enables your case handlers to specify the type of GDPR request (i.e., subject access request, individual’s right request, disclosure request or incident / breach). All files, documents, photos, graphics, audio and other media sent by your customer are immediately associated with the new case and can be accessed at any time.
The workflow is highly intuitive — case management processing is facilitated by straightforward “What’s next” and “What’s done” content sections. Case handlers simply need to follow the steps from initial assessment to case closure.
There is no room for error, as each stage is based on the exacting requirements needed to comply with the GDPR regulatory framework. This includes opportunities for internal collaboration with colleagues as well as customised templates that support external communications with customers.
As with all compliance driven workflows, accountability of actions is of paramount importance. This is equally true for the GDPR and is facilitated by a pair of features: the Timeline and Audit Trail.
The former is an event-driven interface that displays the progression of completed tasks over a case’s lifecycle. The latter—the Audit Trail—is a user-driven interface that conveys exactly what actions were taken according to the user who performed them, including user access records.
At the heart of the Case Management Platform is its secure, self-contained communications feature set. Case-related e-mail messages between your organisation and your customers are performed entirely within the Case Management Platform environment, effectively enabling you to centralise all content in one location.
All messages and their associated content, such as media and documents, are recorded and kept for easy reference within the system. Customised GDPR-friendly templates and configurable branding allow your organisation to send bespoke corporate messages from the Case Management Platform. When customers reply to your e-mails, the content—and all attachments—are automatically associated with their case for future reference.
In line with the core intent of the GDPR, iCasework’s Case Management Platform offers a highly secure self-contained structure when communicating externally with clients. When sending a message, simply tick the “Send securely” checkbox to enable a password-protected logon procedure that allows customers to access their sensitive data from the security of the Case Management Platform. To learn more, please see Secure data delivery.
Internal communications are facilitated by integrated workflow processes and collaborative features designed to spur engagement between your employees. For example, a customer may request specific content relating to their history with you (i.e., a subject access request). In these instances, case handlers are presented with a task link entitled, “Get information” that enables them to easily contact colleagues within the system and even external users not in the system. All case details are automatically associated with the message and task alerts are auto-created for recipients.
A simple click of the “Collaborate” link enables your case handlers to immediately message a colleague or initiate the online chat feature. The system records & retains all communications and associates them with the active case, effectively creating a reliable reference record.
The flexibility of iCasework’s Case Management Platform is made possible by its built-in configurability. Options can be defined, forms can be customised and workflows can be configured so that the Case Management Platform is aligned with your specific business needs. Throughout the design and implementation process, we work with you to create a case management framework that empowers your enterprise to successfully meet GDPR regulatory requirements.