Electronic Document Distribution in Line with EU Data Protection Regulation Changes

Electronic document distribution far outpaced printed document distribution some time ago.

But for all the convenience and power of electronic format documents comes the risk of confidential data leakage through malicious intent, or inadequate security protocols.

As our personal data and associated information is increasingly shared, stored and processed online, protection of such precious assets needs to evolve. Consequently, the long-standing (20 years and counting) EU Data Protection Directive will be replaced by a more proscriptive EU Data Protection Regulation before long (rumor has it this will land in 2017).

Being a ‘regulation’ as opposed to a ‘directive’ means that this is not open to national interpretation of how it should be implemented. EU regulations are specific in scope, and universal in application. This puts each member of the EU on a level footing in this area, making the considerations for electronic document storage and distribution the same, regardless of EU country.

While it’s clearly stated elsewhere how the Data Protection Directive will impact individuals and businesses in a broad way, if you’re reading this you’re looking to see specifically how it’s going to affect electronic document distribution. So let me explain some key points to consider.

• A single set of data protection rules across the EU – if you are distributing electronic documents across a range of European countries, or using data from multiple countries in documents, you only need to follow one set of regulations. And there’s no need to craft individual notifications, specific to each country.
• Greater accountability and responsibility for how your business manages the data in electronic documents. While this sounds like a greater risk, it removes the reliance on (and cost thereof) data protection supervisors.
• National data protection authorities will be available to guide and assist businesses in their country of origin, no need to work across multiple authorities in any country where you distribute electronic documents. These national authorities will be empowered to fine businesses in breach of regulations (up to €1M or 2% of annual turnover).
• New rules will be put in place for police and judicial cooperation. Electronic documents will be subject to the same set of rules, to improve investigative access and seizure, regardless of location.
• The rules for handling electronic documents containing personal data apply even if outside of the EU, providing the company in question is either active in the EU, or offers their services to EU citizens.

What does this mean for electronic document distribution?

The upshot of the regulations is that businesses operating in the EU, or offering services to EU citizens, will need to ensure internal policies, procedures and documentation is brought up-to-date to meet changing requirements. While the regulations are only likely to come into force in 2017, this gives a relatively short space of time for businesses to create organizational change to meet these regulations.

One of the easiest routes to take to ensure electronic document distribution doesn’t fall foul of the new regulations is to work with an external partner who is compliant with them. Any document distribution can then filter through their protocols and processes to ensure it meets the required standards.

It’s not just in data protection that businesses need to keep on top of changing regulations. If your business sends or receives e-invoices as PDFs, then you’ll need to be aware of the requirements for VAT compliance, facilitated by advanced electronic signatures.

At Corcentric, we are no strangers to stringent regulations, having supported financial, communications and technology clients in their business-critical document distribution for over a decade. It takes a committed approach to meet the changing demands of industry-specific regulations, but we take that worry away from clients, so they can focus on their day-to-day business.

While there’s no denying plenty of organizational considerations need to be made, in light of the EU Data Protection Regulation, we will be shouldering the electronic document distribution side of that burden for all of our clients well before these regulations come into effect.