WHAT SCIO DOES

Why choose us?

  •  
    Decision Support

    Your records and archived data contain invaluable knowledge about the reaction and responses of your customers on certain triggers or events. Mining this hidden knowledge out of your content, is the next logical step to acquire new insights. A solid decision support system like SCIO, that is based on your experience and the discovered knowledge, alerts you at the right moment about the parameters responsible for customer satisfaction and aids you in optimizing your performance.

  •  
    Experience in content analytics

    Our consultants have extensive experience in implementing ECM solutions for scanning, archiving, collaboration, case management and records management. This vast experience in managing unstructured content gives SCIO a major advantage to take the journey to content analytics with you. This will provide you with first insights of the hidden knowledge inside your many information sources, and not unlike traditional business intelligence provide you with analytical information for your data scientists to exploit

  •  
    Added value for your business

    Better understanding of your customers, early detection of fraud or sensitive cases, dissatisfied customer feedback… These are just a few examples of how cognitive insights provide added value for your business and provide operational efficiencies. Better insights from information gathered from all angles can also provide suggestions to your sales force on possible upsell opportunities based on customer behavior. Cognitive insights quickly prove value in many areas including back-office handling, customer call centers, R&D, sales, supply chain optimization…

WHY IS IT SO UNIQUE?

  •  
     
    Unique focus on cognitive solutions

    We are convinced that cognitive computing is the next major technology wave. SCIO applies cognitive computing to archived content and builds a decision support system based on own experiences and specifications. It delivers new insights in your business, market, customers and leverages undiscovered knowledge and relations hidden in your information ocean.

  •  
     
    Strong capacity for innovation

    SCIO is a strong platform built for enterprise production use and is all about thinking out of the box. We leverage highly innovative solutions for organizations while remaining pragmatic and proposing quick win solutions.

  •  
     
    GDPR compliancy solution & services

    The General Data Protection Regulation is a strict new regulation governed by the EU obliging organizations to identify and manage Personally Identifiable Information. To help you comply with this legislation, SCIO offers specialized support and services. These ensure you avoid the crippling fees related to violations. We do not only process the PII data but also provide cognitive solutions & data mining to actively contribute to your organization’s activities.

  •  
     
    Unified information application

    Instead of adding yet another silo, our solutions leverage knowledge sitting dispersed in many systems be it internal or external, emphasizing unstructured data. SCIO provides a single point of access to the hidden knowledge and eventually delivers competitive advantage while being integrated in your existing portals.

Blog

10 Things you need to know about the GDPR

1. What is considered Personally Identifiable Information

PII, as it is abbreviated, is any information that can be used to identify and locate a single person. This includes data which can be combined to identify an individual but can’t be used as such when it’s not combined. For example, a last name and a street address by themselves are mostly useless to identify a person, but combined they might lead to the identification of a single person.

It is important to know which PII is hidden in your documents and where it is located. SCIO’s GDPR compliance solution scans your system and does just that: identifying which documents are PII infected. After identification, they can be treated accordingly.

2. The GDPR transcends beyond EU borders

The GDPR applies explicitly to all citizens of EU countries and not EU companies. This means that a non-EU company needs to show GDPR compliance if it wishes to use data about EU citizens. This also conveniently means that EU citizens have a legal backup in managing their data worldwide, whichever organization uses it or for whatever purpose it is used.

3. The value of big data

There’s one big exception, where consent of an individual to use its data is not explicitly necessary. Using PII infected documents is allowed without notifying the peoples it’s about if the data is used for scientific, historic or statistical research purposes (and these purposes only). After all, big data is an emerging science with lots of potential. The GDPR acknowledges this potential doesn’t want to spoil the party, as long as the PII is protected from prying eyes you are good to go.

4. A transparent policy

Companies using data about EU citizens need to acquire consent for everything the data is used for. This means vague and endless terms and agreement policies will necessarily become a thing of the past. Asking for consent in applications or other software need to be clear and transparent for every possible reader, without ambiguities. Users should be able to consent only to the parts they’re comfortable with and nothing more.

5. Data Protection Officers

A GDPR compliant organization is recommended (but not obliged) to assign a DPO, this can be an internal staff member or someone external. The DPO has to inform and advise employees who carry out processing and monitor compliance of the organization with the regulation. This person is obliged to ensure records are kept of all processes using data containing PII. Choosing to assign a DPO has a lot of advantages and is not just to show your goodwill.

6. Evaluate the impact of a data breach

An organization regularly has to carry out impact assessments. If a DPO is assigned this is done under their supervision and initiative, if no DPO is present management will have to care for it itself. Most notably, these assessments need to be executed whenever a new technology is implemented, but preferably also at certain time intervals as a checkup. A data breach is simulated and the impact of a harmful event is evaluated. The result of this simulation decides the appropriate course of action the company should take. Recent actuality shows how important this is, as hackers are very resourceful in executing their evil schemes.

7. Reporting of data breaches

Unless a data breach has no risk to the privacy of individuals, a data operator who discovers a data breach has to report this immediately to supervisory authorities, not later than 72 hours after the breach is discovered. This breach also needs to be reported, in clear language, to the subjects whose data it’s about. This report needs to contain the nature of the breach along with the likely consequences and the measures taken by the operator to address this breach.

8. The way you position yourself on the market

Maybe something with less direct consequences but important for any self-respecting competitive organization nonetheless. It comes as no surprise that the GDPR has a lot of marketing implications. Profiling yourself as a data operating company results in some negative connotations. Thorough evaluations of how an enterprise communicates about who they are and what they do are of best interest.

9. Crippling penalties

The EU takes the GDPR very seriously, and righteously so. Privacy of individuals is very important and needs to be ensured at all times. To make sure all organizations comply, the fees are very high. Failing to assure compliance leads to a penalty of 20 million euros, or 4% of the annual global turnover, whichever of those is highest. Losing such an amount of money can be harmful even for a company to turn bankrupt. Ensuring you comply with the GDPR is therefore a no-brainer.

10. Time is running out

The legislative is very strict about this. By 25 May 2018, all companies have to be able to show compliance or suffer the penalties discussed above. You still have some time to get your things in order, but it’s a good idea to start thinking about it now. SCIO helps companies by creating a solid solution which allows them to comply with the GDPR without much effort. The solution seemingly integrates with an enterprise’s current set-up, so the enterprise can stay focused on their main goal without worrying. Get in touch with us through info@scio.be and get specialized support on how to comply to the GDPR and how to avoid those crippling fees.

The countdown has begun... How to prepare for the GDPR

What is the GDPR?

Despite the many advantages that digitalization brings, there’s a big elephant in the room that can’t be ignored any longer: digital data and the (im)proper use of it.

Digital data is within anyone’s reach and privacy regulations have been almost non-existent so far. The Data Protection Directive authored by the European Union from 1995 is hopelessly outdated as technology and marketing have evolved rapidly. Driven by several data leaks and privacy scandals, Europe’s revised answer is ready: The General Data Protection Regulation.

The recently introduced General Data Protection Regulation (GDPR) is a new and very tight regulation with the goal to improve private persons’ protection and unify it for all EU member states. The GDPR is all about the regulation of Personally Identifiable Information (PII).

PII is any information relating to an identified or identifiable natural person directly or indirectly by reference to an identification number, location data, online identifier or to one or more factors specific to the physical, genetic, mental, economic, cultural or social identity of that person. PII can be hidden in any kind of document, in any form, and allows one to trace back to the individual whose data is in the document.

You are risking tough penalties

To enforce the GDPR, the European Union founded a committee to which member states need to report in case of non-compliance. This law spans the whole Union and will not be made into a national law by the individual member states. The GDPR is taken very seriously, and rightfully so. Protection of the individual is something that needs to be ensured at all times. Companies who fail to comply with the GDPR by 25 May 2018 risk serious consequences. The minimum fine for violating the new regulation amounts to 20 million Euros. This can reach up to 4% of the company’s revenue, if this number happens to be greater than the minimum fine.

You probably have documents containing PII which are used in line of your business applications. These can easily be identified and processed to be in accordance with the GDPR. However, the same volume, if not more, PII infected documents are hidden away in legacy systems, fileshares, emails, databases, archives and more. These also need to be treated correctly, even if no one in your organization uses them actively and their existence is long forgotten. After all, suppose people with wrong intentions get into your system and are able to access these documents. History has shown how damaging this can be to an organization, directly to your finances but also very much to your reputation and credibility.

How to treat risky documents in a proper way

Complying to GDPR takes some serious preparation and effort. Not only are all your databases, clouds, shared folders, content management systems and repositories in the scope of this regulation, it also requires advanced expertise in security, policy management (eg. defining and maintaining your data breach policy), etc. which is best managed by a dedicated Privacy Officer. After all, how many databases, clouds, shared folders, content management systems and more does a company have, and how many users, internal and external systems have access? Spending your own valuable in house resources trying to make your data legit can be quite onerous. Documents containing PII can be hidden everywhere and a fast and easy solution imposes itself.

SCIO uses dedicated software to scan all of your systems. Risky documents at every location get correctly identified as such and treated accordingly. This treatment can be done in multiple ways, depending on your preferences. If you are certain the documents are superfluous, they can be immediately deleted. This means they can never end up in the wrong hands and you should no longer worry about their existence creating a potential problem. A less drastic option would be to keep the documents, but remove all PII contained in them. This way, the content of the documents can never be associated with the individual the document is about. A third option would be to encrypt the documents and keep them at the location they were stored before. Only a few people, those with appropriate access rights, can view the data. Even if the documents were to fall into the wrong hands they would be useless as the documents are encrypted. This again will take considerable effort for a dedicated Privacy Officer in setting up and maintaining these policies. The main advantage to this method is that no data is removed or deleted, should it become relevant again. Evidently, the disadvantage is the management of encryption keys and passwords over time.

Your most profitable option

Last but not least you have the possibility to move all PII infected documents to a secure location. The documents do not get sanitized or deleted, instead they get encrypted together in a single secure location. Whatever option you, as an organization, choose is entirely up to you, but we at SCIO believe this option to be the most profitable. To use it to its full potential, support with EMC’s InfoArchive is offered. For each relocated document, an XML-file is generated. This file contains all metadata about the document, including the original location and which PII is hidden inside.

This way of ensuring compliance with the GDPR, offers several benefits that the first three options can’t guarantee: maintaining the information but in a compliant way. This is of course useful for an organization’s changing strategy and old information that may become relevant once more. A custom search can easily be created to check all XML files so the documents of interest are quickly found.

Let’s not forget the GDPR requirement “the right to be forgotten”: this stipulates that a person can request your organization to locate and sanitize his or her PII. The processing of these requests is foreseen in SCIO’s fourth option, where this process can be managed and automated from request to report back to the user listing the information found and cleaned. This is an important benefit of this solution as it complies with GDPR whilst providing automation so you can concentrate on your business.

The GDPR promotes the use of data

Another important benefit of the remediation option explained in the previous paragraph is the undiscovered knowledge hidden in a large number of documents. Big data is an emerging science with lots of potential. Having all these documents in their original form in one single secure location allows for detection of patterns and insights which could greatly improve your operations, your business or even the world.

The GDPR acknowledges this potential and does not want to spoil the party. You are in compliance with the GDPR when you use PII infected documents for scientific, historic or statistical research purposes. These definitions are kept vague on purpose. As long as the PII is protected from prying eyes and the research purpose has no direct remunerative intentions, you are good to go. Having all data securely locked away at the same location is very advantageous for performing research, all while being fully compliant with the GDPR.

A cost-effective infrastructure

Setting up a GDPR compliant infrastructure is one thing, maintaining it cost-effectively is just as important. There’s no reason to worry, as all your data gets scanned at periodic, pre-defined time intervals. All documents that are inactive for a certain time period get classified as legacy documents and get treated accordingly. Even if archived documents get reactivated, they will once again be detected and relocated as soon as the intended purpose is complete. You shouldn’t worry about documents and where they’re legally allowed to be located because the relocation solution secures everything for you. All your resources can be spent focusing on your organization’s goals, which is after all the only thing that truly matters.

Conclusion

With the GDPR, Europe has made a strong statement in the protection of personal private data. The fines associated with violation will oblige organizations to take action before May 2018. Getting and staying compliant with the GDPR should be high on any organization’s legal, risk and IT priority list.

SCIO provides specialized services and solutions which allow to integrate painlessly into your organization’s data stores and manage PII infected documents in a GDPR compliant way. Additionally, the GDRP requirements around “the right to be forgotten” are integrated in automated processes so that you can focus on what you do best and embrace the strict digital privacy future!

So as time is running out, prepare yourself for what is coming and have a chat with one of our experts on what you can do to comply to the regulations. You can reach out to us through info@scio.be or fill in the contact form on our website so we can contact you as soon as possible.

It's all about decision support

In essence, SCIO performs the groundwork for you to make better informed decisions. With the analysis of your sales channel, customer satisfaction or product breakdowns at hand, you are better armed to focus on the right areas which will increase your market share and lower your operational costs and risks.

Decision support is relevant in strategic junctions of your organization, from investing in new markets, setting up a new product line or service offering, etc. where insight is essential to make the right choices. But better informed decision support integrated in your everyday business is equally important and will differentiate your organization from those going forward blindly, or simply repeating actions from the past. The combination of many little improvements add up to major differentiation for your organization, be it in processing capacity, customer responsiveness, increased efficiency or higher market shares.

For example, if you’re handling insurance claims, knowing if this case poses increased escalation risks is important in its processing. In customer communications, knowing the sentiment of your customer is essential for your approach to answer or propose proactively additional services of interest…. These are just some examples of how better informed decisions improve your business on a daily basis.

Finding knowledge in the haystack of information overload

SCIO offers solutions built precisely for analyzing your records. By processing all these records, certain trends or dependencies are discovered which would not be picked up otherwise. Based on these trends and dependencies, Scio complements your expertise by suggesting an optimal strategy or course of action, depending on your current situation and the needs of your organization.

SCIO does this by focusing on the bulk of information so far unexploited: all documents, emails, reports, transcripts… that are massively produced on a daily basis. This unstructured data is the haystack in which needles of essential knowledge are hidden. This knowledge can uncover relations, patterns or trends between products or services amounting to success or past failures, inefficiencies laid bare or bottlenecks that get exposed.

This is done with high performing tools that allow you to understand the content of documents, emails, reports… in natural language. Moreover, you are able to detect relations, sentiment, expertise, trends etc. combining many data sources, internal as well as external, and structured as well as unstructured data.

Generating expertise out of your own records

Success is never a coincidence. Over the years, you’ve gained valuable experience in your domain by delivering products or services to the satisfaction of your customers. Each development, project and customer has added to your expertise and allowed you to grow further. Because of the unique added value you bring to the table, you can develop new business and gain more customers.

With a worldwide economy, ever growing customer and stakeholders’ expectations, the need to build further on your expertise to expand your customer base and improve your operational efficiency has only increased. Extracting knowledge from past customer cases, product developments, successes and failures is a key element to making that happen.

The volume of information available makes it difficult to quickly detect inefficiencies, repeated failures, and likely candidates for improvements or relations between successful projects. Going through individual cases, customer complaints transcripts or reasons why certain decisions were (un)successful has simply become impossible. However, there lie the seeds of your future success!

READY TO START YOUR PROJECT? CONTACT US!