Early in 2018, the EU General Data Protection Regulation (GDPR) kicks in, introducing much stricter measures on personal data management and processing. And multi-million euro fines for not following them. It is easy to assume this mainly concerns digital data, but if this is the case you are overlooking a significant data medium, leaving you open to expensive risks.
To take just one major principle of the GDPR, each individual has the right to erasure, ie to request that their personal data is deleted or removed. This includes any and all personal data recorded on paper. As a result, the task is a big one for many businesses for a number of reasons:
Where is all of the data?
Many companies could struggle to find all their personal data in the first place. How many businesses are organised enough to have every paper record indexed? Is it in filing cabinets, storage, someone’s desk drawer or even among a pile of abandoned files in some dusty storeroom corner? Searching for and collating this is could be a massive inter-departmental task.
Is the data duplicated?
Even more uncertainty may surround the number of copies that exist. Document control can quickly unravel if documents are photocopied or superfluous copies are printed and given to several colleagues. At that point even well-intentioned and attentive workers can fall into undisciplined practices. When documents have been used it is very easy for them to end up in unintended places.
What About Privacy?
Privacy is a word that brings many Managing Directors and CIOs out in a cold sweat. It is one thing to protect digital data, with the increasing threats from hacking, internal theft and ransomware attacks, to name just a few. It is quite another to manage risks posed by data recorded on paper.
Physical documents find it very easy to make their way into the wrong hands, risking serious data breaches. When these are on-site, risk can be managed to a degree and the chances of theft or malicious use are lower. However, when they are in transit, a security weak spot opens up. Sensitive information may be left on a train. A courier could ‘misplace’ an archive box filled with payment records. Customer files could be stolen from a car or hotel room.
Avoid the Risks. Digitise.
The most frustrating thing about all of these risks is that with management, effective work processes and technology the risks can be mitigated.
If your workplace is one with sensitive paperwork spread over different locations, quick and intelligent automatic document feed scanning can quickly collate all documents into cleansed digital formats. From there, text recognition software can draw out key information that can be utilised to allocate them to the appropriate digital file or folder.
While it will always be useful to see physical copies of some information, in this day and age there is no need to share sensitive data on paper anymore, and certainly no need to duplicate it. Methods of sending information securely using project management software or even instant messaging are far more efficient for this type of data. Likewise, meeting handouts can be made available for reference on intranet systems or collaborative platforms such as Sharepoint. For the old school, secure email works just as well.
The same practices combined with secure document achieving – when it is necessary to retain physical copies – and efficient disposal processes for everything else should negate information security risks.
Out on the road, why carry cumbersome files around, when cloud services (or password protected memory sticks) ensure that it is all available on a laptop or tablet? Then for any data that is acquired on the road, portable scanners are the perfect way of digitising this information. Handheld shredders can quickly and securely dispose of the paper copies with minimal fuss, and no risk of it being left on the train or coffee shop counter.
So as you can see, with a little preparation and management, many of the main risks posed by the forthcoming GDPR legislation can be mitigated. Granted, it will require significant investment in additional technology, work processes and employee training. However, with regulators set to fine offenders up to 20 million euros or 4% annual turnover when GDPR is introduced next May, it is a worthwhile investment.
At Printware, a wide range of document scanners are available to help you stay compliant. Click on the links below to find out more about each: