Ensuring that your organization consistently complies with the GDPR regulations is not an easy task.
Although the GDPR ruling came into the picture about three years ago (2018), a lot of businesses are still struggling to implement data strategies to ensure compliance. Even Atlassian noted that complying with the GDPR is not simply a one-time effort of adjusting your company’s personal data policies and practices – it’s a continuous effort.
You have to make sure that with every new adoption or even upgrade, you are protecting the data rights of your customers and end users.
More importantly, you have to consistently fulfill customers’ “right to be forgotten” and stop the tracking of personally identifiable information (PII) in Jira with subsequent deletion or replacement of such information.
So, what are the key elements of the GDPR? How can you comply with the GDPR effectively? And most importantly, when does JQL come into the picture? Continue reading to get your answers.
Key Elements of GDPR
The General Data Protection Regulation (GDPR) is a legislation developed to give EU-citizens more visibility and control over the personal information that companies hold about them.
To comply with this on Jira, you have to consistently make sure that you don’t store customers’ or staff’s personal data for longer than necessary. You also need to obtain consent before collecting their data and using it in marketing efforts.
The main GDPR principles entail “data minimization,” “purpose limitation,” and “storage limitation” – among others – where an organization must minimize the amount of data it collects for tracking activity. On top of that, the data must only be kept for as long as necessary, befitting a specified purpose.
With that being said, it’s essential that the company indicates the cookies it uses, the purposes of the cookies, and how long they are kept.
Right to be Forgotten
Under the GDPR regulation, data subjects can request to view, port, and delete personal information from organizations holding their data. In turn, organizations must respond to these requests within one month.
However, by default, as mentioned earlier, you can only store users’ data for a limited period. Data controllers and processors must return or delete all personal data after the end of services, or when a contract expires, unless it’s necessary to retain the data by law.
So, how can you keep track of all these requests? More importantly, how can you make sure that you comply by deleting outdated data consistently? One of the best ways to do so is through Jira Service Desk (aka Jira Service Management).
Tracking Compliance using Jira Service Desk
Why Jira Service Desk?
Well, apart from it being a secure public portal with a wide range of capabilities to support service management, you can use it to customize workflows and automate them so that you won’t miss any issued requests.
For instance, when you receive a data subject request, you can validate it, which will then trigger an automated response where it will be generated as an issue.
You can also set up a Service Level Agreement (SLA) for every validated request to make sure that you won’t overlook the end dates and end up breaching the contract. Automate the SLA response so that when it’s near the end date, it will trigger an action by sending you a notification on Slack.
Automate Your Compliance Action
Automate your compliance by auto-assigning issues to your team so that you won’t miss any in the backlog. When issues are auto-assigned, service agents will always need to make sure they are resolved.
Follow the steps below to learn how to build the automation rule.
- Select a trigger for your rule. It can be when an issue is created or when an SLA is about to be breached.
- Select any conditions you want to set in place to define the issues that you want to auto-assign. Let’s say you only want to auto-assign issues with an SLA that is about to be breached to a specific group of people, then you can use the JQL condition.
JQL queries are really valuable when setting up automation rules because you can customize the conditions that you want to set. However, out-of-the-box JQL can still be pretty limiting because the query parameters are not as extensive as you might have hoped.
If you want to search for very specific issues with special conditions, for example, issues last commented on within 3 days ago, then you need an app like JQL Search Extensions. It offers up to 50 additional queries to help you truly own your customization processes. You no longer have to search tediously for issues you need and go through a big selection of search results.
- Use the Assign Issue action. This action allows you to easily assign issues for a number of different scenarios. The screen below shows the details of assigning your issues to users in a specific group. As you can see here, you can use JQL to define who the issue should be assigned to. For instance, to the user with the least number of open issues.
Using the app you can define the users by a more specific condition, say, users with the least number of subtasks through this additional field: SubtasksCount.
- Once you’re done filling out all the details, click Save to apply the action, give your rule a name, and then click Turn It On.
Ensure Compliance with Extensive JQL Functions
Leveraging JQL Search Extensions will not only significantly improve your search capabilities and customization; it will also allow you to explore greater automation capabilities within your service desk and help project managers manage their priorities better. Try the app for free for 30 days today.