Here’s How Shred-it Can Help You Be GDPR Compliant

In May 2018, the EU implemented the General Data Protection Regulation (GDPR) worldwide. As a result, any organisation handling EU citizens’ personal data are obliged to comply, whether they are based in the Europe or not.

Statistics have shown that only 10% of companies in Singapore^[1] have made plans to be GDPR compliant. This leaves a large number of organisations vulnerable to the potentially punitive fines of up to €20m (S$31.6 million) or 4% of annual global turnover.

However, being GDPR compliant reaps more benefits for your company than just avoiding hefty fines. Being GDPR compliant ensures that your organisation has good data protection measures in place which subsequently builds positive reputation as well as enhancing goodwill with existing and potential customers. Furthermore, becoming compliant relies on an organisation’s ability to consolidate and keep track of sensitive data. Achieving an organised data system promises efficiency and significant cost-savings for your business.

Here are some steps which can be included in your policies, contributing towards your organisation becoming GDPR compliant:

• Establish a Clean Desk Policy throughout your office. It is very common for employees in an organisation to handle sensitive information and therefore it is important for them to keep a clean and clear desk, where all sensitive data is stored away properly. This is the first step to preventing a data breach;
• Destroy physical copies of data which are no longer needed through a Shred-it All Policy. This minimises the amount of data you store, minimising the chances of a data breach occurring;
• Educate employees by placing Security Reminder Posters around the office. It is one thing to draft data security policies, but it is another to adhere to them. These simple posters detail the most basic, yet vital , information security procedures employees must follow.

With these easy steps, Shred-it’s secure disposal methods help reduce the risk of data breaches. We often forget that even during the disposal process, there are countless opportunities for passersby to pick up and potentially leverage documents containing important information. Hence, it is important to engage a trusted disposal service that guarantees the secure collection and complete destruction of every document no longer required.

In addition, organisations should also implement sound policies that will keep all employees in-check whilst carrying out day-to-day operations. Appointing a Data Protection Officer (DPO) ensures that there is somebody constantly overseeing the enforcement of all information security policies implemented. This acts as an additional line of defense that prevents your organisation from falling out of compliance with the GDPR and the Personal Data Protection Commission (PDPC).

Start Protecting Your Business

An organisation that integrates personal data protection into its business processes can help reduce the risk of a data breach. Learn how Shred-it can protect your documents and hard-drives by contacting us for a free quote and security risk assessment.
 

 [1] THAM, I. (2018). Few Singapore firms ready to comply with EU data rules. [online] The Straits Times. Available at: https://www.straitstimes.com/tech/few-spore-firms-ready-to-comply-with-eu-data-rules [Accessed 28 May 2018].