GDPR Support in Kentico 11Monday, September 18, 2017
GDPR is a hot topic at the moment. Everyone is still working on what is involved, how it might affect their business, and what steps they need to take next. In Kentico 11, the team have been working hard on a GDPR module to make some of the involved effort less arduous.
Kentico have been paying attention to GDPR and have taken onboard not only the impact it has on their software and direct customers, but also the impact on partners and implementers who work with their CMS platform. I became acutely aware of this in relation to Kentico at the 2017 MVP summit in Brno, where we spent a session discussing GDPR and the implications that such a large piece of legislation will have.
What is GDPR?
If you don't know what GDPR is yet, then it's probably time to start having a look. If you, your client, or any 3rd parties that you work with process or store information about customers within the EU, then the chances are you need to be aware of this rather impressive piece of EU legislation. Regardless of whether you are an EU body or not, this regulation could have an impact on your business. You can find a wealth of information on the Information Commissioner’s Office Data Protection Reform website.
If you're UK based, Kentico are hosting a GDPR event in London titled Get Your Business GDPR Ready this September, which I would recommend attending if you can.
What's coming in Kentico 11?
Behind the scenes, Kentico have been working hard on providing platform support for GDPR regulations with an aim to bringing some of these in to play in this year’s release of Kentico 11. There are two key things in their GDPR support for Kentico 11:
I'll give a little more detail below, but this isn't in the beta yet (to my knowledge), so nothing is guaranteed. What is less defined at the moment is which licence edition the GDPR module will relate to. We'll have to wait and see there.
This will be publicly accessible documentation related to the personal data that is stored in Kentico 11. As you would expect, Kentico are targeting version 11 here, there are parts of this information that may be relevant to previous versions based upon which arts of the CMS have changed between releases. This could be good news for people who are not quite in a position to upgrade to the latest and greatest. It's worth noting though that the older the version, the more divergent this information will become.
What will be in here is the information about what Kentico stores about people (customers and contacts etc.), how it is acquired, and where it is used. From this information, you’ll be better informed to determine how to remove it on a project-by-project basis.
There will be a new application to the administration site in Kentico 11 and this allows for a number of options to be explored.
Firstly, We will be able to see all consents made through the system and will be able to locate various records via email address etc. This will be done using the concept of Collectors.
Kentico 11 will ship with two sample ‘Collectors’; one for Customers and one for Contacts. Developers will be able to extend this using the provided framework to cover exact requirements and to provide cover for additional objects as required. This will allow us to locate, export, and delete any customer data we need through custom-built connectors based upon the provided framework.
If you've not read through these regulations, then I would suggest that you do so, as they come in to force on May 25, 2018.
Kentico are working hard on GDPR and are one of the few vendors out there putting development effort in to their platform to meet the new regulations. I'm hopeful that we see the GDPR application come in to fruition with the Kentico 11 release this year, as I believe it's going to form part of the toolset that we'll be using going forward to work within the GDPR regulations.
If you can attend Kentico's GDPR event, then please do. In addition, Kentico have a number of blog posts by Duncan Hendy on GDPR, which are also a great source of information and insight.