REDDOXX Compliance Framework
Convenient customizing by definition
“Compliance” – many manufacturers boldly use this term in their advertising. However, what exactly does it mean? Is it even possible for a standard solution to be compliant?
By definition, compliance stands for the observance of guidelines and policies by companies. An important fact to remember is that this term explicitly also refers to individual regulatory standards, which may of course differ from company to company.
Overview of the REDDOXX compliance framework
- Automatic email classification
- Manual additions can be made by users (if they have the respective privileges)
- Assignment of individual retention times
- Deletion of data privacy relevant information
- Deletion of unimportant e-mails (e.g. newsletters)
- Deletion taking into account the human factor (for instance applications)
- Auditor access for financial audits
- Offline audits
- Double-checking (four-eye principle) audits for in-house reviews
- Compliance log
Compliance and email communications
Compliance provisions play an important role during various transactions, in particular when it comes to the handling of email communications and archiving tasks.
- How long should/must emails be archived?
- How long do they have to be retained?
- On the other hand, which emails must explicitly be archived for a specific period of time only (this refers for instance to applications)?
- How does the company handle the challenge of “personal emails”? Does it permit or prohibit personal emails? If it permits such mail, how can it be transparencly separated from business archives?
- How are the emails of works council members handled? Where are potential data privacy conflicts and how can they be resolved?
These few examples show that practical email archiving can rarely be achieved without making customizations. With the REDDOX Compliance Framework, REDDOXX makes these adaptations easy for you.
Workflows can, for instance, be used to define different retention times. As a result, tax relevant data is retained for the mandatory period of time while other information is deleted in a timely manner if so required by data privacy legislation.
Compile project categories that make teamwork easy. Hence, sales, accounting or technical support staff members have the ability to access emails that are or relevance to them, even if they are not original senders or recipients. As a result, the absence of staff members who are on vacation or on sick leave will no longer lead to delays.
Views for Users and Groups
Define the users and groups who have access to specific emails.
All changes are of course sustainably documented in the archive in such a manner that they cannot be manipulated. This is even ensured if the relevant email is no longer available. Hence, all transactions can be tracked and documented with absolute certainty.
Manual intervention is possible when necessary
Not all transactions can be completely automated. An email archiving system, for instance, will never be able to determine whether an application process is still pending and that documents have to be retained longer than they normally are because of it. That’s why the REDDOXX Compliance Framework allows users to integrate respective approval workflows. In this specific case, the head of human resource could receive an automatic report from the system prior to the expiration of the deadline. At that time he/she could decide whether the application should be deleted or not.