Automation Anywhere, the largest enterprise software provider in Robotic Process Automation (RPA), today announced that its industry-leading platform is compliance-ready with the European Union General Data Protection Regulation (GDPR). Since RPA tools are often used to automate business processes that involve the use of personal information, compliance with GDPR is essential for Automation Anywhere customers.
The GDPR law goes into effect on May 25, 2018, and is considered one of the industry’s most stringent data privacy regulations ever. It is designed to simplify and unify data privacy laws across Europe and give citizens in the European Union (EU) unprecedented control of their Personally Identifiable Information (PII). The GDPR defines rules for storing, accessing and processing the personal data of any EU citizen, in any EU member country or territory, even if the processing of data is performed outside the EU.
Automation Anywhere Enterprise offers several advantages and efficiencies in processing operations that involve PII to ensure compliance with GDPR requirements in the following areas:
- usage of PII for appropriate purposes;
- data protection by design; and
- breach notification
“The protection of privacy and compliance with GDPR is critically important to our customers around the globe, and there can be unforgiving financial penalties for companies that do not comply completely,” said Abhijit Kakhandiki, SVP of Products and Engineering at Automation Anywhere. “Automation Anywhere provides the most feature-rich and secure Intelligent Digital Workforce platform in the market and it is now GDPR compliance-ready to meet the privacy imperatives of every customer.”
Automation Anywhere Enterprise users are assured of compliance in the following areas of GDPR requirements:
Appropriate purposes: Automation Anywhere Enterprise includes detailed immutable audit logs as well as the ability to log the intended purpose to help enterprises ensure that PII information is only used for appropriate business purposes.
Data protection by design: GDPR requires that enterprises take all measures to protect sensitive data such as PII. With the most security features of any RPA solution today, users are assured that personal information is secure as it transits the Automation Anywhere Enterprise platform. Automation Anywhere Enterprise has these security features to protect personal information by design:
- Strong encryption of data at rest, data in motion and data in memory
- Credential Vault to ensure secure storage and management of user credentials
- Granular application of Role Based Access Control (RBAC) across all functions
- Integration with enterprise credential stores and Single Sign On to ensure security connectivity with other security solutions
- Secure operations to ensure the data used by bots is not exposed to security threats during the execution of business process automation
- Detailed, immutable audit logs to support any audit process and forensic analysis
Breach notification: Audit logs monitor all operational processes within the platform, continuously authenticating users and their authorization status at every stage of an automated business process. In the event of a data breach, Automation Anywhere Enterprise auditing is capable of launching a rapid root cause analysis, providing timely forensic analysis for the identification and reporting of breach Automation Anywhere incidents.