This documentation supports the 22.1 version of BMC Helix Innovation Studio.

To view an earlier version, select the version from the Product version menu.

Addressing data privacy requests

The BMC Helix Innovation Studio product provides capabilities that help administrators address the personal data protection and privacy requirements associated with the General Data Protection Regulation (GDPR). The GDPR is a set of rules and principles governing the handling of personal data of individuals located in the European Union (EU).

Note

This BMC document provides general information about the General Data Protection Regulation (GDPR) and GDPR key requirements. It is not intended to provide any legal advice. The GDPR can be found at https://ec.europa.eu/info/law/law-topic/data-protection_en Open link . Under this new Regulation, any organization handling personal data of European Union residents, regardless of its location, needs to understand which GDPR requirements apply to its organization and accordingly devise a plan for adjusting its systems and processes and for educating its people. Although BMC is not in the business of data privacy compliance software, some of the features of the BMC Helix Innovation Studio product can help customers meet some requirements of the GDPR. For more information about how BMC solutions can help achieve the requirements of GDPR, see  https://www.bmc.com/it-solutions/gdpr-compliance.html Open link .

Personal data in BMC Helix Innovation Studio

BMC Helix Innovation Studio applications may include users' personal data such as names, phone numbers, email addresses, government ID numbers, locations, credit card numbers, IP addresses, and so on that can identify individuals personally. 

Personal data in BMC Helix Innovation Studio log files

BMC Helix Innovation Studio retains the data in log files for a limited period of time and then the log files data is deleted from the BMC cloud.

Personal data used by the BMC Helix Innovation Studio Cognitive Service

BMC Helix Innovation Studio deletes all the conversation logs from the BMC cloud once a week.

For information about the log limits in IBM Watson Assistant (formerly known as IBM Watson Assistant), see Log limits Open link in the Watson documentation.

For information about IBM Watson GDPR readiness, see GDPR Open link in the Watson documentation.

Capabilities for handling personal data

BMC Helix Innovation Studio provides an administrator the following capabilities to protect user's personal data:

  • Perform a lookup to find whether any personal data of a user is stored in applications. 
  • Provide a user with their personal data in a safe way.
  • Replace users' personal data permanently in the applications.

On behalf of a user, an administrator can perform the following operations on user's personal data:

OperationDescription
Search

Searches for the user's personal data available in applications and provides a report of the search data. An administrator can download and send this data to the user in a portable and standard format such as .csv file format. The search operation is performed on structured and unstructured data.

To enable search operation for structured data, for example, JSON and HTML, an administrator must configure the content-definition setting by providing the following value:

{"formName":"<name>","fieldName":"<field>","fieldFormat":"<JSON>/<HTML>/<TEXT>"}

If the content-definition setting is not configured, then the search is performed on the fields with datatype as Text and CLOB (character large object).

Replace

Replaces the user's personal data. The data is not deleted; however, it is replaced with a non-readable information permanently. The replace operation is performed only on the fields with datatype Text and CLOB.

Ignore

Ignores a record during a replace operation.

You can exclude any personal data from getting replaced. The ignored records are not replaced.

You must consider the following points while performing operations on personal data:

  • You need to perform these operations in each environment separately such as development, QA, and production environments.
  • You cannot modify or search for the personal data stored in the following components:
    • Attachments stored along with records instances
    • Process definitions
    • Localized strings
  • You must not replace the login ID of a user.

For more information about handling data privacy requests, see Addressing data privacy requests Open link .

Was this page helpful? Yes No Submitting... Thank you

Comments