It’s highly probable that the following applies to your company when you send your executives on business travel: you are responsible for protecting the data of your staff but, in reality, you have no control over it. This is a significant risk.
The European Union now takes data protection seriously. The rules apply for any company that collects data from EU citizens, irrespective of their place of business. These rules, made in the framework of the General Data Protection Regulation (GDPR) are, in principle, reasonable. But in reality, only a few companies are really prepared for them.
Business trips always require personal data. Today, this data is stored in multiple systems: in a company’s HR system, the travel agency’s system or the online booking engine. It is sent to systems at airlines, hotels and credit card companies at the time of booking. Things become even more complex with international companies, multiplying the number of systems in which personal master data is kept.
Umbrella AG, based in Wetzikon, Switzerland, and data.mill of Salzburg, Austria, provide companies with professional master data management assistance in accordance with the new GDPR. Thiemo Sammern, Managing Director of data.mill, points out a key change: “Master data management now becomes much more than just access and storage. Companies must learn how to handle personal data.”
This means companies must ask a range of questions. Where is my data? Who has access to it? Which data is actually needed? Which tasks does it fulfil? How and when is data that is no longer needed deleted?Left: Helmut Pilz, VP Business Development, Umbrella AG, and Thiemo Sammern, Managing Director, data.mill
Umbrella aims to practically implement the new data protection requirements. Its Umbrella Faces product ensures that personal data is synchronised between various systems; for example, the online booking engine via which business trips are booked and a company’s internal HR system.
Umbrella and data.mill and also help companies clean up their master data with an ingenious concept that quickly makes clear which data is not needed and where gaps exist. Last but not least, storage in a Swiss data centre is another building block in this security concept.
The EU’s penalty scale for violations of the GDPR is draconian. As such, Thiemo Sammern and Helmut Pilz, VP Business Development at Umbrella unanimously agree that “doing nothing is not an option”.