The European Data Protection Regulation (GDPR) are now law and they will go live across the EU on 25 May 2018. These new rules are called the General Data Protection Regulation (GDPR) and apply across the board from small and medium-sized businesses to public authorities and large organisations in the whole of Europe.
What is EU data protection?
In the EU there are existing legal rules for the collection and processing of personal data. Anyone who collects or processes personal data must protect it from misuse and comply with a range of legal requirements. The GDPR upgrades the existing rules.
What does your business need to do?
The GDPR is a lengthy document but here are some things we’ll need to do :
1. GDPR applies to hard copies and electronic data.
2. Make sure we only process data fairly and lawfully.
3. Make sure we tell people properly when we collect their personal data and get their consent.
4. Make sure we only hold data which we need
5. Keep the data we hold accurate and up-to date.
6. Keep data secure
7. Respect people’s right to opt out at any time.
8. Do data protection impact assessments when doing something new.
9. Make sure we’re ready to deal with the new rights created by GDPR – like the rights for people to see the data we hold on them, to move it, to correct it and to have it deleted
10. Make sure we destroy data when we don’t need it any more – and that we do this securely.
11. Make sure we only share data with people we trust – and even then have a proper written agreement in place.
12. Deal with problems like potential data breaches quickly.
In case you suspect a data breach you should immediately inform your Data Protection Officer (or CEO if you don’t have one). This applies if its electronic data (like the E-mail system) or manual data (like papers in a filing cabinet).
Why would you make sure that you are compliant by 25 May 2018?
There are bigger penalties under the new law for data protection. From 2018 for some infringements a maximum fine of € 20 million or 4% of the global turnover of a business (whichever is greater) can be imposed, with likely higher reputational damage resulting too. This is the big stick for data protection compliance, but, getting it right will avoid major headaches.
If you would like to read more about GDPR, please read our whitepaper:
How can I protect my paper documents ?
Data protection is extremely important to protect your business and your reputation. You would not like to see your information fall into the wrong hands.
Now is the time to work on getting your business ready for the GDPR. You need to undertake specific activities or actions to ensure all data that is being handled within your company about the company, your employees, suppliers and customers are handled with care and are safe.
Ensure that your company creates and circulates a company policy regarding Data Protection. This policy should embrace all aspects to be compliant with the GDPR. Do not forget to add information in your policy for home and flex workers.
Keeping your data confidential with Fellowes
For paper documents we advise you the following:
Tip 1: Shred your paper documents
Be aware of the numbers of documents you bring to a meeting and re-assemble them after the meeting. Do not leave any documents on the printer. Shred all documents before they end up in the paper bin. If you work from home, you should also shred any papers containing confidential information.
Tip 2: Label your documents
Please make sure that you label confidential documents. Then people are aware to treat the document as is expected with confidential documents. It also helps to keep track of what information can be found on these documents
Tip 3 : Lock your office and/ or cabinets
Your office or cabinets usually contain a lot of confidential documents. Please store these safely behind a locked office door or cabinet, whenever you leave your workspace. When you share cabinets with your colleagues, please agree on a policy to protect the data
Tip 4: Clean up on a regular basis
Do not keep any unnecessary data and make sure that you destroy it securely. All confidential documents containing company information, people’s details or signatures should be shredded.
Also destroy all information on paper which you are not obliged or required to keep anymore. Once you fulfilled the legal requirements for documents, they can be shredded.
You can call a Staples representative at the following number:
+44 (0) 121 322 1000
You can also fill out the form below and one of our representatives will get in touch with you shortly.