4 Replies Latest reply on May 11, 2018 7:36 AM by bshingler

    consent for WHD

    bshingler

      with GDPR coming in how are people dealing with consent for using personal data - ie emailing tickets back to the customer, the helpdesk is storing personal data so therefore we need some form of consent system to approve and then remove if required, SAR request is easily done with the search tickets and customer details so that shouldn't be too much of an issue but the consent side is more of a problem as there is nothing built into WHD to provide this function?

        • Re: consent for WHD
          cyribus

          I am not sure if this will work but maybe it is a start in the right direction. Create a request type for new client, set an action rule that states client is unassigned send ticket to new client request type. Then go to processes and create an approval process with the disclaimer for storing information on the database based on client approval. Once that is created, you will need to set up another action process to email the client back upon assignment to the new client request type. I am not sure if this would include the approval process though. You can base it off a custom field (yes / no selection) for the tech to select and save and email the ticket back to the client. Either way you would have a stored record in the database of the approval to store data. I have not been able to test this, so this is basically a theory. I hope it helps if even just a bit.

          • Re: consent for WHD
            comtcjm

            If you are just using the Client Interface, you can create a Client custom field (e.g. Yes/No - "I agree that personal information is stored about me on the Helpdesk etc") that is a required field in their profile tab.

            The client interface will make then (by taking them directly to the profile tab, regardless of you default tab) making them select it before that can proceed and submit a new ticket.

             

            You could additional check that this client custom field is set, via an action rule and possibly set a read only ticket custom field to reflect the same. In turn (with an additional action rule) you could block techs from starting a ticket until the ticket custom field has been set.

             

            regards

            Chris