Simplify GDPR queries with Mimecast Case Review App 

Email remains the vital hub of business communications and continues to grow with over 225 billion business emails sent and received every day. Huge amounts of personal information are stored in email archives including names, physical addresses, financial information, employment contracts and even medical records due to regulatory or compliance mandates. The European Union (EU) General Data Protection Regulation (GDPR) is set to trigger a sea change in how businesses collect, store and process the personal information of EU residents, including personal information contained in email archives.

With data storage doubling every 12 to 18 months businesses will need to understand what data they have and how it will affect their operations. Over time, archived emails in some businesses fail to get examined or deleted when expiration dates come up, due to complacency or not having the right tools or resources to deal with this. The result is bloated email archives filled with redundant, obsolete, or trivial (ROT) data that have little or no business value, yet which consume expensive storage resources.

Personal information is typically part of the ROT data, so proactively identifying and removing this information forms part of good information governance. However disparate needs for information retention from multiple business stakeholders means that the ownership of information lifecycle management – which includes administration of email archives – falls to the overworked IT department. Since IT staff often do not see the legal risks of email retention, a culture of “keep all emails, just in case” persists, contributing to bulging email archives. 

The enactment of GDPR will require organizations to have full visibility of their entire data estate to support mandates such as subject access rights (SARs), provide breach notification and demonstrate that explicit consent was received to use personal data.

The Mimecast Case Review App delivers a set of tools to find relevant subsets of archived email data for e-discovery, compliance, or other investigative searches such as GDPR SARs. The Early Case Assessment (ECA) workflow allows e-discovery administrators and compliance professionals to quickly collect, identify, review, cull or preserve relevant emails (including attachments), enabling informed decisions to be made in advance of the processing and review stages of Electronic Discovery Reference Model (EDRM).

This shortens the first-pass review process for GDPR SARs and decreases the volume of email files to be exported, which helps IT, legal and compliance professionals to simplify the management of the GDPR queries. As a consequence, GDPR-associated risks are mitigated, GDPR SARs and ECA-related costs are reduced, and efficiency gains are realized.


Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

GDPR: Where it Fits in the Regulatory Hierarchy

Can you really comply with every regulat…

Can you really comply with every regulation? Auditing, eval… Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted Mar 23, 2018

GDPR: 3 Steps to Building a Trust Strategy

May 25th, 2018: Your relationship with d…

May 25th, 2018: Your relationship with data security & p… Read More >

Marc French

by Marc French

Senior Vice President & Chief Trust Officer

Posted Mar 16, 2018

The GDPR Fallout from a Breach

There’s much more to worry about than ju…

There’s much more to worry about than just fines with a GDPR… Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted Mar 01, 2018