Where schools in 2018 were at a loss as regards the GDPR, 2019 seems to be foremost about PSD2. What do these terms mean? And what measures can schools take?
GDPR in a nutshell
As per 25th May 2018, the new European privacy policy entered into force, also known as the General Data Protection Regulation (GDPR). All organisations, including schools and universities, are obligated to protect their students’ or customers’ data. This data should be treated as confidential. According to the GDPR directive, the definition of personal data is any information related to an individual, such as names, photographs, e-mail addresses, bank details, posts on social networks, and IP addresses. If we consider the fact that universities often have more than 20,000 students, it is not really surprising that people are struggling with GDPR.
PSD2…? Please remind me
PSD2 stands for the second Payment Services Directive. It is a European guideline on payment services. This directive determines that alongside banks, other parties can also provide new payment and account services, such as a service that helps to maintain an overview of separate bank accounts. PSD2 also regulates the fact that only licensed payment institutions are allowed to provide financial services. Obtaining such a license is a hassle that schools would rather avoid. The dilemma is thus ambiguous. As a university, you want to service your students and let them make purchases but with all these new rules, this simultaneously causes quite a hassle.
PSD2 and GDPR: trouble for facility managers
Imagine you are the facility manager of a university and you are determined to deliver more payment convenience for students. After all, your students purchase things on all kinds of self-service machines, including vending machines, printers, and coffee machines. But you also want to comply with all the GDPR and PSD2 directives. Where do you begin? Will you request a payment license? Will you opt for outsourcing? Many schools are currently actually in violation, as they manage the money themselves and are thus responsible for all transactions. In other words, if data is leaked or money is stolen (cybercrime), the universities themselves are accountable.
Micropayments and cloud solutions without the hassle
Precisely because of these complex situations, KUARIO provides a perfect solution for schools and universities. KUARIO offers micro-payments for students, with which they can easily print, make photocopies, and pay for coffee and food via a mobile app and a QR code. KUARIO also relieves the university from all GDPR and PSD2 obligations.
KUARIO ensures the registration of users and their data, which will subsequently no longer be stored locally in the university. A university can hereby already take an important step in protecting students’ data.
KUARIO also has a GDPR-proof printing solution called cloud printing, via which students’ data is stored in the cloud, rather than locally on servers. Our printing solution works with double encryption. Data is sent as a package and is unwrapped locally on the printer. The data is not stored on the printers or printer server before it is printed. And as KUARIO is an officially licensed payment service agent, the money is managed in a fully regulated manner, in accordance with the new PSD2 directives.
Would you like to know more about KUARIO?