The time to act is here. May is just four months away, and with it comes four
letters destined to make a big impact in your business.
Got no idea what we’re talking about? GDPR.
The new General Data Protection Regulations come into effect from Friday 25 May and they are guaranteed to shake up your office in a big way. If this date isn’t already circled vigorously in red pen on your calendar, then we suggest you do that right now!
There’s plenty of technical jargon, rules, and regulations that you can find trawling the Internet (not to mention some scare-mongering), but we think that’s rather intimidating. So, we’ve compiled a short list of the basics you need to know, along with a way that we may just be able to help with some of it…
What Is GDPR?
Got no idea what we’re talking about? GDPR.
The new General Data Protection Regulations come into effect from Friday 25 May and they are guaranteed to shake up your office in a big way. If this date isn’t already circled vigorously in red pen on your calendar, then we suggest you do that right now!
There’s plenty of technical jargon, rules, and regulations that you can find trawling the Internet (not to mention some scare-mongering), but we think that’s rather intimidating. So, we’ve compiled a short list of the basics you need to know, along with a way that we may just be able to help with some of it…
What Is GDPR?
GDPR are the rules which define how businesses should handle personal data. Currently, all confidential information relating to your business must be destroyed securely. This includes legal documents, financial records, case files, employment records, personal information – the list is never ending. Basically, destroy anything that contains names, addresses, phone numbers or financial information.
But what’s new?
Under GDPR, many companies will need to implement new processes to ensure that documents are destroyed promptly and securely. Data disposal, retention schedules, destruction policies, certificates of destruction and audit trails are all set to change according to the Information Commissioner's Office (ICO).
Under GDPR, many companies will need to implement new processes to ensure that documents are destroyed promptly and securely. Data disposal, retention schedules, destruction policies, certificates of destruction and audit trails are all set to change according to the Information Commissioner's Office (ICO).
Why Do We Need New
Regulations?
In 2016, 82% of large businesses and 63% of SMEs fell foul to some sort of data breach. As the internet and digital services have revolutionised the way we live, work and shop, the risk of a data breach is increasing. The updated plans are set to modernise how data is collected, processed, stored, and destroyed to protect companies, employees, and clients from cyber-crime.
When Will The Law Change?
Friday 25 May 2018. And it doesn’t matter which industry you work in or how big your company is, EVERY business will have to follow the new regulations.
How Will It Affect Me?
As a data controller (that’s your business), you must appoint a Data Processor who will have the responsibility of processing all the personal data your company accumulates. This can be done in-house or via an external company. When collecting personal data, you must provide the identity of the processor and the purpose and legal protocol for processing the data. This includes consent, public interest or for a contract.
On the topic of consent, prepare for a huge change if you currently use pre-ticked boxes or your website. As of 25 May, this will no longer be acceptable. Subjects must make a clear action to show consent, so they must actively tick a box (which must be accompanied with a compliant privacy policy) or sign to this effect. Participants will be able to withdraw their consent at any time, request that personal data is deleted, must have the right to acknowledge their processed personal data and, if requested, receive a free copy of the data held about them.
If you process or collect data online, you will also be obliged to implement data protection measures when processing personal information. It may be useful to consider what data is essential, what is unnecessary and if/how your current products or services need to change.
How Office Prime Supplies Can Help…
Feeling a little overwhelmed by your GDPR to-do list?
Well, we can take some of the pressure off with our range of off-site shredding options. We can deliver either 240L/660L lockable bins or bags to your office, arrange collection either as a one-off clear out or on a regular basis, shred it securely and provide you with a certificate of compliance. Other than filling up your bags or bins, you don’t need to do a thing; just outsource it to a professional provider (that would be us and our partners!).
We ensure that your data is genuinely secure while it awaits destruction, is destroyed correctly and in accordance with any security requirements, and provide you with a visible audit trail to demonstrate your compliance.
Alternatively you might take the view that shredding it yourself is the way forward. If so, that's not unusual. A lot of businesses like to have the peace of mind of total control of every step of the process. If that sounds like you, then we have a specialist range of some of the best shredders on the market from HSM.
Why we chose to recommend HSM machines to our customers:
- 3 Year warranty on each machine.
- 0.1 watt power consumption (on stand-by).
- German Quality - made in HSM's own factory in Germany.
- Digital motor (quiet powerful & efficient).
- Lifetime warranty on cutting rollers (Security Level P1 - P5).
- Continuous run motors.
Seriously, these are great bits of kit and every customer we have ever sold one of their machines has been delighted with the efficiency and impressed with the operational effectiveness.
For more information, email matthew@officeprimesupplies.co.uk or give us a call on 01270 760713.