Document management solutions provide:

  • structured organisation and control of documents
  • the ability to search
  • document security, audit and versioning
  • the capability to manage retention

What they are not necessarily capable of is identifying and separating personally identifiable information (PII) from everything else in each document.

Data protection considerations for document management solutions


Processes must be implemented to grant or remove access to PII when staff join, move within or exit the company.


To be compliant with GDPR, documents must remain encrypted whether stored in document management, in-transit, stored locally or when backed up for disaster recovery.

Remote working

The use of personal equipment to store documents or public cloud solutions create potential exposure.

Breach notification

If it can be proven that a document is encrypted, then the obligation to report a breach to the data subject is removed, however the ICO must be notified within 72 hours of the breach becoming known.

Rights of the data subjects

  • Right to be Informed
  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object
  • Rights related to automated decision making and profiling

Contact our Data Protection and GDPR Lawyers Liverpool, Wirral, Merseyside and Across England & Wales

GDPR impacts many aspects of your business, from document handling to employing staff to dealing with other businesses. Our data protection and GDPR team are here to provide bespoke legal guidance for your business operations. For a free initial consultation with our data protection and GDPR solicitors, contact us on 0151 659 1070 or complete our online enquiry form.


Make a free enquiry, call now

0151 659 1070

Please let us know your name.

Please enter a valid telephone number

Please let us know your email address.

Please let us know your message.

Please tick the box below

Invalid Input

Invalid Input
I understand that by submitting my query to you, my personal data (name, email address and contact number) will be processed by you in order to contact me and assist me with my query. I confirm I have read and understood the Privacy Notice and I consent to you processing my data for the purpose of contacting me to assist me with my query.

What our clients say

How can we help you?

To find how our friendly and knowledgeable solicitors can help you, contact us today.

Make a free enquiry - Call now - 0151 659 1070