With substantial financial penalties at stake, when the new General Data Protection Regulation (GDPR) comes into play next year, it is important for businesses to review current data protection policies as soon as possible.
To prepare for GDPR, businesses can take simple steps to prevent confidential data falling into the wrong hands. Fellowes, an office equipment supply company, has laid out five possible things businesses can do to safeguard data.
Simple steps to safeguard data ahead of new GDPR
1. Set up an audit team: Having a dedicated GDPR team within your company is a simple, cost-effective way to ensure you are prepared.
2. Train and re-train staff on data protection: Make sure all your employees are fully up-to-date with data protection laws ahead of new GDPR.
3. Shred any documents you don’t need: Ensure all employees have access to shredders so all confidential paper waste – from sales figures to CVs – are destroyed properly.
4. Add signs to common areas: Add signage to shared workspaces and send weekly update emails to remote-workers highlighting GDPR risk.
5. Don’t leave documents behind: Remember to check for any documents you might have left behind after working in public places.
In October this year, confidential child protection documents were found ‘blowing around’ a street in Leicester. This is just one of many cases where sensitive data was breached. When GDPR comes into effect in May 2018, failures like this could result in a £20 million fine for the business responsible.
Cases, such as the one above, must be prevented to ensure small businesses survive. So, employers must begin to encourage workers to destroy important data or store it securely.
According to a recent study by office equipment supply company Fellowes, 20 per cent of UK office workers never shred documents, with 40 per cent of employees admitting they often throw client data straight into the bin.
“Despite the impending GDPR deadline, our research shows that many companies don’t appear to have systems and policies in place to protect sensitive information,” Darryl Brunt, UK Sales and Marketing Director at Fellowess says. “It’s essential for businesses to have robust procedures in place to protect personal and confidential documents – including the secure shredding of obsolete sensitive paperwork.” Another way of preparing for GDPR is by conducting a sensitive information audits.