Today the European privacy legislation, the GDPR, will come into effect. We are regularly asked what one can do to make forms ‘GDPR proof’. Below we describe a number of points you can take into account and considerations you can weigh.
Access to your Formdesk account
Make sure that everyone who needs to have access to your account logs in as an individual user and only has the permissions necessary to perform his or her task. (information)
Determine which security requirements you set for logging into your account. (information)
Secure e-mail messages
Determine whether you send personal data by email and whether it is desirable to secure these messages. Although message traffic between mail servers is encrypted more and more often (the Formdesk mail servers support this, but the receiving mail server must as well), the messages may be unprotected in mailboxes or can be forwarded by the recipient. Formdesk offers the possibility to include the contents of a message in an encrypted attachment. This can be a PDF or a zip file. (Included in business plans; offered as an optional feature for standard subscriptions.) (information)
Retention period of personal data
The GDPR states that you may not keep personal data longer than you need it, unless you are legally required to. You must determine a retention period per application or form and record it, with your reasoning, in the processing register. And of course you must actually delete the data in accordance with these retention periods.
When determining a retention period, please take into account that data deleted in Formdesk remains in a ‘trash’ for 1 month. This is necessary to undo an unintentional or premature deletion. In addition, the data is still present in the backups that we make daily from the database and that are kept for 1 month. These backups are necessary in order to be able to restore the entire database in case of a calamity. So after 2 months, deleted data is definitively and irrevocably erased at Formdesk.
Formdesk offers various options for removing data:
- Manually from the results page of a form. Here you can delete completed forms one by one, delete all the forms you have filtered in one go, or delete all completed forms. (instructions)
- Automatically by setting a retention period. (instructions)
- Automatically by using your own application built on the Formdesk API, which lets you download the data first. (information)
Lookups
Lookups allow you to retrieve data from another form so that a form can be completed faster and more efficiently. The possible applications are numerous, but you have to make a risk assessment, certainly when you collect personal data. An example: you create a form that must be completed by your colleagues. When a personnel number is filled in, the other data is looked up. This is handy because your colleagues do not have to fill in all their details, but someone could fill in the personnel number of another person and gain insight into that person's data.
Be aware that if you assign a form as a lookup form, colleagues or other sub users who do not have any permission on your form can create a lookup to this form and will be able to view its results.
Publish completed forms
Formdesk offers 2 features to publish completed forms, namely ‘Publish form results’ and ‘Publish individual completed form’. In both cases, a special internet address becomes available with which the overview and the form can be retrieved. You can secure these pages with a fixed password. If you use these features, or are considering using them, you will have to weigh up the risk that the internet address and, if applicable, the password become known to people other than those to whom you provided them.
Data processing agreement
Finally, we would like to draw your attention to the model processing agreement. If you outsource the processing of personal data to a third party, the GDPR obliges you to record this in a processing agreement with that third party. If you intend to subscribe to Formdesk (and request personal data with your forms), you can use our model agreement.