GDPR (General Data Protection Regulation) Compliance through destruction
Why Shred?
Confidential Shredding company can help companies to meet GDPR requirements by providing an effective way of disposing of data securely to prevent access by third parties. The GDPR is concerned with personal data handled by organisations in both electronic and physical formats, such as paper documents. If you fail to ensure proper procedures are taken to secure hardcopy documents, you pose a high risk to your businesses.
Why is this so important?
To consumers – it adds new levels of protection and control over their data.
To you, a business
It heavily changes the way you handle data, be it prospects, employees, or customer records. If you haven’t already got a plan in place to prepare for GDPR, now is the time to start.
What happens if my business doesn’t comply?
GDPR has been in many headlines recently because of the increased penalty provisions. The law would give supervisory authorities (in the UK this is the information commissioner’s office, ICO) greater power to hand out penalties. For example, The SA would be able to:
- Carry out data protection audits
- Issue warnings to the data controller and processor in the likelihood of a GDPR breach
- Impose a temporary or definitive limitation including a ban on processing;
- Administer fines of up to €20 million or up to 4% of annual global turnover for serious GDPR violations.
What about Brexit?
The GDPR legislation is made by the European Parliament & Council, which may leave you thinking “What about Brexit?”
In February 2017 the UK’s Digital Minister Matt Hancock confirmed that the UK plans a full implementation of GDPR standards. This will ensure the secure, free-flow of data between the UK and EU following Brexit. GDPR would apply to UK companies who process data, even if they are not established inside the EU.
However, until this is implemented and while the UK remains subject to EU law, your organisation must continue to focus on becoming fully compliant with the GDPR regulations.
Is it worth the risk?
With GDPR fines potentially costing up to £20,000,000 or 4% of your total company turnover, making sure you have the correct and effective shredding and data destruction equipment is a very small price to pay to ensure your company integrity is fully protected ongoing.
What will your business need to do?
Confidential Shredding Company recommends that businesses review the way their sensitive information is destroyed after use. Robust policies will need to be put into place and many businesses may find that subcontracting these new measures will be a secure and cost-effective solution. However, it is understandable that some businesses would prefer to have their shredding completed on site for added reassurance.
The GDPR regulation for in-house shredding requires proof that documents were destroyed, which the average office shredder For GDPR compliance, a Certification of Destruction will document the time and date of shredding to ensure the secure disposal of sensitive data
How we work:
- Our fully trained staff will come to your site or office and transfer the waste to our custom-built vehicle for weighing.
- Our shredding facilities and mobile shredding units are fully monitored by CCTV.
- A representative of your company can witness the destruction process.
- Once all al the material is destroyed, we will issue you with a certificate of destruction recording the details of the collection. This is a minimum requirement for anyone disposing of confidential waste and must be kept on file for a minimum of 6 years.
How Confidential Shredding can help your business comply
Confidential Shredding Company offers a secure onsite service, which is carried out in regular scheduled visits or one-off arrangements.