In this e-book, we'll explore in detail about the role of the IT service desk in the context of the GDPR, how the GDPR impacts IT service desks, and how to build a compliance program for IT service desks.
The GDPR and ITSM
Implemented on May 25th, 2018, the GDPR is a regulation drafted by the EU to protect the privacy of EU residents. It brings together a set of rules that provides these individuals with rights over their personal data.
IT service management (ITSM) sits at the heart of every IT infrastructure, providing the IT support businesses need
to achieve their goals.
Key aspects of the GDPR in the context of ITSM
Personal data
Any information relating to a data subject (identified or identifiable natural person)
Person - Name, Phone, Email, Company, Designation, Address and Location.
Access - Login ID
Asset - IP Address, MAC Address, IMEI, UDID
Who are the key players?
Data controller - A person who decides how personal data is going to be processed.
Data processor - A person who processes data on behalf of the controller.
Are you using IT service desk applications?
You could be both the data controller and the data processor if you use on-premises applications.
You are the data controller while the cloud vendor is the data processor if you use cloud applications.
What are the key data subject rights under GDPR?
Transparency
Right to access
Right to be forgotten
Right to rectification
Notification obligation
Right to data portability
Right to object
Right to restriction of processing
What are the key aspects of ITSM influenced by the GDPR?