With only 5 months to go until the implementation of GDPR, new research from the Institute of Directors has revealed that 1 in 3 directors are still in the dark about what the regulation means for them, and what they need to do. In fact, several of them didn’t even know what GDPR was. But GDPR will affect every single element of every single business in the UK – so every business owner needs to understand their obligations. Particularly when it comes to confidential data stored in paper form. So today, we have some advice for you to help understand the implications of GDPR.
Preparation Is Key
The key to ensuring you don’t end up on the wrong side of GDPR is preparing your business well in advance. This will mean reviewing your data practices at every level – from the highest level of cyber secured data to the smallest shred of paper with a credit card number scribbled on it while taking payments over the phone. But too many businesses are focussing on the digital side of things, while neglecting other elements of their business that need attention. GDPR will impact not only your IT, but your HR department, legal, marketing, sales, and yes, your paperwork.
That’s why Jamie Kerr, Head of External Affairs at the Institute of Directors, said:
“It was clear from the outset that this would be a mammoth task for small and large businesses alike, but the scale of the challenge has not necessarily translated into preparedness for the new regulation, despite the huge costs of non-compliance. The Government and the regulator must pull their weight on this issue, as it is set to have a significant impact on businesses across sectors and regions in the UK.
“It is crucial everyone understands just how big this regulatory change will be for business leaders over the next few months. GDPR also comes hot on the heels of a number of big regulatory shifts for business over the past few years. We should also not forget the potential of extensive preparations that will be needed as we depart from the EU. Taken altogether, it’s not the easiest time to do business in the UK.”
So really, it’s all about understanding how GDPR will impact your business, and actively preparing for it.
What’s That Got To Do With Paperwork?
Paperwork is one of the main things bosses are forgetting in the run up to GDPR, and yet it’s one of the central principles. Because over 95% of businesses still keep confidential data in paper format. That can be anything from customer credit card numbers to employee national insurance numbers. And with GDPR bringing in stricter rules on what is classified as personal information, and what can be done with it, it’s now more important than ever that business owners get their paperwork in order.
While we can’t help you with the in-house compliance bit, we can help you handle what happens to your paperwork once it isn’t needed anymore. Rather than risk throwing it in the recycling bin (which would be classified as a breach, as it’s all too easy to steal from) or spend hours hunched over your shredder every few weeks, you can outsource your data destruction instead. Our shredding services simply require you to fill a bag with paper to be destroyed, and then give us a call when it’s full. Or, you can install one of our secure consoles in your office, and simply use it as the ‘sensitive information bin’. Our experts will collect it from your offices, securely destroy it for you and even provide a proof of destruction certificate, so you can prove you have met your obligations at every stage. For more information, get in touch with our team today.