With GDPR coming into force in May 2018, data protection just got a lot more serious.
We can help.
What is GDPR?
The GDPR (General Data Protection Regulation) is new data protection legislation which is being introduced by the ICO (Information Commissioner’s Office) and which comes into effect on 25th May 2018. These new laws will increase privacy for individuals and give regulatory authorities greater power to act against organisations which breach them.
Why is it happening?
Technology has transformed the power of organisations to capture, use and share individuals’ data. The aim of the GDPR is to give all European citizens more control over the data held about them personally – including how it’s stored, as well as how and when it is destroyed.
What about Brexit?
No difference. The GDPR will come into force before the UK leaves the EU, but the UK government has confirmed that UK organisations handling any personal data relating to EU consumers will still need to comply.
What is “the right to be forgotten”?
Under the new rules, individuals will have what’s known as “the right to be forgotten”. This means they will be empowered to ask that organisations delete their data when it’s no longer necessary for it to be held by them, or when the data is no longer accurate.
Does it affect you and what’s the risk?
The new laws will apply to any organisation handling personal data relating to consumers in the EU. So, if your organisation processes any data relating to anyone living or working in the EU, this affects you.
For organisations found not to comply, the potential penalties are substantial: up to a maximum of either £20 million or 4% of annual revenue, whichever is the greater.
Faced with the twin threat of huge fines for non-compliance and data breach attempts at an all-time high, most affected organisations are keen to make the necessary changes. But the process is a complex one and not all organisations have the in-house resource or expertise to take the steps that need to be taken if they’re to meet the May 2018 deadline.
What you can do now
“Twelve steps to do now” is a helpful downloadable document produced by the ICO (Information Commissioner’s Office), which is introducing the new legislation.
How Workflow can help you comply
We can help you significantly reduce your security risk by first reviewing your situation and then showing you how to address any weak areas in your systems. To be compliant you need to have adequate technical and organisational measures in place to protect both the individuals’ data that you hold and the systems through which that data passes.
Everything we do is tailored to the individual customer, so please contact us for insight into your own situation. In the meantime, here are 5 top tips.
Our 5 top security-boosting tips
- Reduce the risk of sensitive printouts getting into the wrong hands with secure release, which only allows print jobs to appear when the author presents their password, fingerprint, IC card or other credential at their chosen print point.
- Data destruction software can auto-delete or overwrite saved documents and unopened secure print jobs within specific timescales.
- Most MFDs (multifunction devices) automatically store an image of every single document they copy or scan. Not good. Configure your devices so that all documents and communication traffic data files are automatically encrypted, making them impossible for others to decipher.
- We can help you adopt the “privacy by design” approach recommended by the ICO. This means designing processes, systems and solutions with individuals’ privacy in mind right from the outset.
- Digitise your paper-based data to avoid a security disaster waiting to happen.
Find out more
Discover more about us and our services by downloading our solutions brochure.