Our Web Help Desk is populated from Active Directory with Staff names, ID numbers and email addresses to track calls. This is personal data under EU Data protection regulations - GDPR (Home Page of EU GDPR . I realize that how Web Help Desk is utilized ultimately determines GDPR compliance but is there a document available describing compliance with GDPR in general?
Is there functionality to maintain archive of calls for analysis of calls but to remove personal data when a staff member leaves?
Is there functionality to remove data once its exceeds the data retention period defined for it?
Under GDPR, a data subject can request their personal data in a structured, commonly used and machine readable format, is their a mechanism to extract user details in this manner?
Is there documentation in relation to prevention of data breaches or CyberSecurity in general?