As of May 2018, the new General Data Protection Regulation (GDPR) rules will apply across the UK, replacing the Data Protection Act that businesses within the UK currently abide by. This new set of rules has been designed to provide more protection to individuals and their personal data, by giving them more control over their own data and how it is used by businesses. Businesses who fail to comply with the new rules will face tough consequences, both financially and in damages to their reputation as a business.
Although GDPR was announced in good time and all businesses have been made aware of what is expected of them, as well as what will happen if they fail to comply, many UK businesses haven’t yet taken action to prepare. Regardless of Brexit and any other political issues, GDPR is very much a real issue for many businesses in the UK, and through all of the uncertainty surrounding Brexit, one thing that is certain is that businesses must comply with the new regulations. With this in mind, there are a number of things that businesses should consider in relation to their paper documents, to help them best prepare.
- Are you Aware of the Paper Documents and Information in your Possession?
The first thing to consider is whether or not you are aware of the different documents and information that are within your possession. If you are, then you will be able to sort the documents and comply with the new rules that are set to come into place. However, if you aren’t aware of everything that is in your possession, then how will you be able to comply with a set of rules that apply to the specific documents that you are unable to locate?
Although both paper and electronic documents are included within the new rules, electronic documents are typically more organised and easier to find than paper documents. Because of this, you should consider conducting an audit of the information you have, locating each document and ticking it off as and when you know you have it. As part of this, you should find out how many copies of each document you have and collect them all into one place.
- Which Data can you keep?
As was previously the case, keeping all of your documents just in case you may need it at some point in the future is no longer something that businesses can do. You should now be aware of what data you have within your possession, using the new regulations to decide upon which data to keep and how to categorise it.
- Destruction of Unwanted and Unneeded Documents
Once you are aware of the documents that you have, and the documents that you should be looking to remove from your possession, you should consider how unwanted and unneeded documents will be destroyed. The best way to do this is to take advantage of the services offered by companies that specialise in the shredding of documents, as this will help you to destroy of the documents in the best way possible.
- How private is your Document Storage?
Data breaches, including documents and other data getting into the wrong hands, are a big focus of the GDPR. Privacy of data has become a very current issue, and so the way in which paper documents in particular are stored and transported is a big part of the GDPR, and one that should not go unnoticed.
- Training Employees
Once you are aware of what is expect of you under the new rules, you should look to train your staff and make them aware of all relevant changes and information, to ensure that your whole business can work in a way that is fully compliant. Employees help to ensure that business runs smoothly, but they can also sometimes be a reason for issues to arise, and this is never good for any business owner or members of management teams. To ensure that your business doesn’t create any issues, full training and support sessions should be considered for employees throughout the business.