Home / News  /  Ensuring GDPR Compliance through Secure Identity Access

Share This Post


Ensuring GDPR Compliance through Secure Identity Access

With the new GDPR rules looming, client and customer confidentiality has again become the issue of the day for many businesses. Controlling who can access what information and features within a system is a pre-requisite for maintaining client confidentiality, as well as having significant benefits for productivity and efficiency. There are four primary facets of access management: confidentiality, training, tailored content and convenience.

Client confidentiality

All organisations, including commercial businesses, manage information to some extent. Some organisations, such as the NHS or legal practices, handle particularly sensitive personal information. For many businesses, the ability to keep client information properly protected is crucial to the maintenance of their relationship with that client. In both of these scenarios, controlling which users can access certain data is extremely important. By compartmentalising information and using appropriate identity access settings, it is possible ensure that only designated individuals or teams have access to a client’s data.

Level of training: unlocking new levels

Inevitably, hierarchies exist in workplaces. However, when considering what level of system access to allow to different people, a reverse hierarchy is sometimes advisable! It may not be wise to offer the executive board full edit access to data if they do not have appropriate skills or training – it would be very embarrassing if the CEO accidentally deleted important client data! Highly skilled information managers should be given greater access because they have the right level of training to manage the data appropriately. Many businesses operate an ‘unlocking’ procedure, where successful completion of training modules allows greater access to information and applications, much like a video game.

Tailored content: dashboards and worklists

A hugely beneficial feature of identity access management is that it enables content to be tailored to the user. A senior manager can log on and instantly view a dashboard showing highlights and trends. A service centre employee can be shown system anomalies or problems that require urgent attention. A mid-level clerk can be presented with a worklist for the day. By personalising information and applications in this way, productivity can be increased. If the system knows who is looking at it, it can show them the information that is most relevant to them. This functionality can evolve over time, as users request different views or request access to features that could help them complete tasks more efficiently.

The convenience of single sign-on

Single sign-on goes hand in hand with identity access: an identity access management solution can be configured so that users only need to log on once and can then access a host of different applications. This enhances the user experience, offering seamless movement between applications – indeed, users may not even realise that they are accessing multiple applications. Conversely, users can quickly become annoyed by repeated password requests. Single sign-on is convenient, and therefore increases efficiency (not least through a reduction in password reset requests!)

Though these different aspects may not all be relevant to every business or organisation, some degree of identity access will inevitably be required. Identity access is a fundamental part of business systems which is often only noticed when it goes wrong. Getting it right may be a thankless task but it is nonetheless an important one.

Share This Post