As of May 25th 2018 the General Data Protection Regulation (GDPR) will come into effect throughout the EU and will replace the UK’s current Data Protection Act of 1998 which Paper Escape are already registered under. Whilst no GDPR accreditation currently exists and we as a company were already very confident that our existing procedures were already compliant, we have recently undergone a gap analysis to ensure compliance for the new GDPR standard.
The GDPR will impact the way data is managed and it will affect all businesses.
Failure to comply with the new regulations could mean that regulators have the power to impose fines up to 4% of your companies annual turnover. According to a UK government 2015 information security breaches survey, 90% of large organisations and 74% of SMEs reported a security breach, leading to an estimated total of £1.4bn in regulatory fines, the forecast shows that these numbers are estimated to increase during 2017 and 2018.
Following recent cyber attacks on the NHS and various hacks on databases owned by large well known organisations, GDPR unsurprisingly places a focus is on cyber security threats, server hacks, and general vulnerabilities on data stored on and transmitted between servers and networks. There is also just as much focus with GDPR on physical paper documentation and files including retention periods, duplicated documentation, privacy of these documents and more importantly- how easy this information is to locate. This has caused concern for businesses, many of whom store their paper files and documents in various locations with restricted, limited or difficult access. This is yet another reason why EDS (electronic document storage) is proving the chosen method of storage for businesses and organisations across the globe. With EDS, the information is one place for instant access, allowing you to choose where that information is stored (ie a server or a cloud) and who it is shared with which will in turn help you to take huge steps towards GDPR compliance.
If you are unsure about any element of GDPR, please contact ourselves or speak with the ICO helpline 0303 123 1113