With offices in more than 80 countries worldwide, one of the things that has been top of mind for me for the past year is how we ensure our social media activity complies with GDPR. If you're not familiar with GDPR, it stands for General Data Protection Regulation, and it's been touted as " the most important change in data privacy regulation in 20 years." (No pressure, right?) The goal of GDPR is to protect the personally identifiable information, or PII, of individuals living in the EU. Enforcement begins on May 25, 2018.
The thought of ensuring compliance may seem daunting, especially if that's not your day-to-day job, but it doesn't need to be. Within Oracle Social Cloud, there are many features and settings that we'll be using to design audit controls and workflows to help us take the utmost care in handling PII. Over the next few weeks, we’ll be sharing the nitty gritty of how we’ll use each console within Social Cloud. Today, we’ll feature Workflow & Automation, where we control user access.
Workflow & Automation: Resources Tab, Bundles
We have one main Bundle that my team uses for visibility into global activity from one centralized location; we literally call this the "Main Bundle". All 22 of our Social Properties are authorized here.
Since Zebra has both global and regional marketing teams, we use Bundles to manage their access.
Workflow & Automation: Users Tab
We no longer grant access to our social networks directly; all access is granted through Social Cloud. Since Social Property access needs vary amongst users, we rely on User Roles to configure each individual user’s access to ensure they only see what they have a need to see. We call this concept "Least Privilege", where you can only access items on a "need-to-know" basis. While the name may seem restrictive, it's done by design to prevent unauthorized account access.
Here are the most common User Roles that we assign for Bundles. Our users have the exact same User Roles for the individual Social Properties, too.
For example, if we have an agency partner that is only publishing and reporting on organic Twitter posts for our North American team, this is what their configuration would look like.
Workflow & Automation: Account Tab
There are several important settings within the My Account page that we have configured for users
Workflow & Automation: Workflow Tab
We use Workflow for two primary use cases:
Using Workflows gives us the ability to create Threads within Social Cloud, where multiple users can collaborate on specific items within each Workflow. If an Author needs to change something in a post before it is published, that request is then documented within the tool. And for customer service inquiries, responses are stored securely within Social Cloud, versus being taken offline to e-mail where someone could easily forward on and mishandle customer contact information.
These are the main ways that we're using Workflow & Automation to keep personal information safe. Are there configurations you're using that we may not have covered? We'd love to hear how you're configuring your instance of Social Cloud for data privacy. Leave us a comment below!