4 Replies Latest reply on Jan 16, 2018 10:25 AM by fluffy midnight

    Support for General Data Protection Regulation (GDPR)?


      Our Web Help Desk is populated from Active Directory with Staff names, ID numbers and email addresses to track calls. This is personal data under EU Data protection regulations - GDPR (Home Page of EU GDPR . I realize that how Web Help Desk is utilized ultimately determines GDPR compliance but is there a document available describing compliance with GDPR in general?

      Is there functionality to maintain archive of calls for analysis of calls but to remove personal data when a staff member leaves?

      Is there functionality to remove data once its exceeds the data retention period defined for it?

      Under GDPR, a data subject can request their personal data in a structured, commonly used and machine readable format, is their a mechanism to extract user details in this manner?

      Is there documentation in relation to prevention of data breaches or CyberSecurity in general?

        • Re: Support for General Data Protection Regulation (GDPR)?
          fluffy midnight

          The General Data Protection Regulation (GDPR) applies to companies that manage personal data, not to software products or services. This means that Web Help Desk does not require any GDPR compliance as any database withheld is maintained and managed by yourselves. If the database is managed by a third-party company that you may have gone through, you would need to bring this up with them.


          SolarWinds will not have any document available to describe compliance with GDPR. However, for a general document, there are many articles and documents that have been created as a step-by-step guide or as guidelines. I personally recommend the guide you can download here: EU GDPR - A Compliance Guide


          You can also find the general GDPR page here: HomePage: EU GDPR



          As GDPR doesn't apply to Web Help Desk, it is up to yourself to manage and remove any of your data. (once again, only relevant unless your data is held by a third-party company in which you would request such from them.)  There isn't any functionality to remove data after an exceeded retention period of the removal of data when a member of staff leaves, and getting assistance from SolarWinds may be beneficial but may result with no appropriate answer.



          You can search and export data from any of the Search features in Web Help Desk, configure the Column Set's that you want to include in the export and forward the export to the user. Note that any tickets you may export would be recommended not to include the Notes section as this can be messy at times and there may be internal notes that you don't want to display to any customers.



          There's plenty of information online for data breach and cyber security, I used this guide to give me a better understanding and do the most fundamental and basic requirements: Guide to Developing a Cyber Security and Risk Mitigation Plan


          This guide may also deem useful: Data Breach Response Policy Guide

          1 of 2 people found this helpful