PSFS Family Directory - GDPR: Forget Family Feature (FAQ)

ParishSOFT Forget Feature Frequently Asked Questions

Why has ParishSOFT enabled GDPR features for all users of the Family Suite applications when the GDPR regulations do not apply to most ParishSOFT customers?

  • ParishSOFT has made the decision to implement features and functionality in the Family Suite that help make it easier for our customers to be compliant with the GDPR regulations.  We believe that this is a world class standard that we should support, so we have made these features available to all of our customers regardless of their physical location or place of business.

What if my diocese does not want to make the GDPR forget features available to any of the parishes in the diocese?

  • If a diocese does not want to make these features available to any of the parishes in the diocese, they should contact our support team to discuss options to manage the forget features designed to help them with GDPR compliance.  There are some options that we can configure to help match the application with the diocese workflow in the ParishSOFT Family Suite application.

Does the forget features in ParishSOFT Family Directory delete family and member records?

  • No, it is an edit to the family and member records.  The forget feature will remove individual data field values from the member record if it is allowed in the application edit interface.  If data cannot be removed in the edit interface, the system will replace personally identifiable data with anonymous data such as GDPR.

What users have access to the GDPR Forget features in ParishSOFT Family Suite?

  • Users with Family Directory Add/Edit access rights have access to the GDPR forget features in the application.  Since the forget features are editing individual data values and not really deleting records (A.K.A. the whole family), the features do not require Family Directory delete access rights.

Can I recover a family or member record that I have forgotten by mistake?

  • No, The process is not reversible.  The spirit of the GDPR regulation is to remove the data upon request by the family or member.  Keeping copies of the data would not follow the spirit of the regulations.

Is the forget family or member feature the same as a deleting a family?

  • Deleting a family removes your parish or organizations relationship with the records and removes the data that is specific to your organization.  Since many record values like family address can be shared in the ParishSOFT Family Suite with other organizations, deleting a record does not remove all of the data, so as to not remove data other organizations in the diocese may be relying on.  Forgetting a record is removing the individual data values on the record where permitted by the application business rules.  If the individual business rules are not permitted to be removed, they are changed to protect the identity of the respective family and members.

Does forgetting records modify my parish sacrament records?

  • Since the sacrament records are one of the core values of the ParishSOFT Family Suite system, the sacrament records are not edited by the forget function.  Your sacrament register data integrity is retained.

Does forgetting records modify my contribution and pledge data?

  • The actual financial records remain intact after the family or member is forgotten.  This maintains the integrity of your financial records.  Where the financial records linked back to the family or member record, the linkage is retained, but the family and member identifiable data has been removed.

Does forgetting records modify my Religious Education student records?

  • The student records stay intact after the related family or member records are forgotten.  This does mean that you will not be able to see the names or contact information for the students who were forgotten, but your data such as class roster will still have accurate counts.

Will there still be representative family and member records in the system after I forget a family or members?

  • Yes, there will still be shells of the family and member records, but the data that has personally identifiable information will have been removed in the forget process.

What is the purpose of the GDPR reports?

  • The GDPR reports are to "prove" that records were forgotten.  The burden of proof for complying with the request to be forgotten is on the data controller in the event of an audit.  This report coupled with the inability to find a family or member by their identifiable information should provide proof that you are actually removing their data from the system without destroying the core data systems around sacraments, contributions, and student records.
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.