The General Data Protection Regulation (GDPR) applies to every organisation anywhere in the world, where they process any information about EU citizens. These new GDPR regulations come into effect in May 2018 and supersede the existing UK DPA legislation.
Why Paper Shredding is Vital for GDPR Compliance
Electronic data security is top priority for all organisations, but many are failing to look at the processing and storage of paper-based data.
Research from the ICO in 2016 showed that 40% of data security incidents in the UK were related to paper:
- 19% Data posted or faxed to the wrong recipient
- 14% Loss or theft of paperwork
- 4% Data left in insecure location
- 3% Insecure disposal of paperwork
In 2017 there was an increase of 20% in loss or theft of paperwork.
Shredding paper based documents will help companies meet the GDPR requirements by effectively destroying data to prevent access by third parties. You pose a high risk to your organisation if you fail to properly ensure procedures are in place to secure paper documents. You are liable under the new GDPR for any data breach resulting in any individuals information being stolen.
Using paper shredding services to destroy documents protects the reputation of your organisation. If you or your business cannot be accountable to being being asked why you have personal details or company documents stored, then you should destroy them, or face the consequences.