GDPR and Umbraco CMS upgrades

With all the legislative changes required for GDPR (see our previous overview article) on 25th May 2018 regarding handling of customer data, we wanted to update everyone on the new Umbraco updates that can support your business.

As an Umbraco CMS partner, we've been notified of their latest CMS upgrade to version 7.9 and to upgrades available for the Umbraco forms plugin which will help support your compliance and data management plans.

Umbraco have released several "GDPR-friendly" features to track all data processes and highlight sensitive values. These include:

• General API for "logging of consent". This provides a simple way of registering that a person has given consent of any given action. This will allow for reporting and querying of an audit trail for consent for a person/action.
• More detailed logging of user actions in the back office. The GDPR requires it to be possible to find out who has done what. For instance: "User X has given User Y permission to section Z" - this is now possible in 7.9.0.
• The ability to mark Members as 'sensitive'. If these are marked as sensitive, the values will not be displayed in the back office to any user unless they are part of a User Group that has been flagged to be able to read sensitive data.
• The ability to export a member's saved data as a file. In the action menu on each member you can now export a file with all data stored for that particular member.

So what does that mean if you have an existing installation of Umbraco? This upgrade would offer you a more simplified compliance process and data management solution "out-of-the-box".

If you're interested in upgrading your current installation to support your internal compliance plans, then please feel free to get in touch to discuss the options needed and worth noting your product version too so we can help explain the upgrade process. We would love to hear from you if this is of interest.