Data Protection: Best practices to ensure your company is preparing for GDPR
To all companies it is crucial to ensure that sensitive information is kept secure, due to its nature and contents. Therefore, it is imperative companies are mindful and ensure they implement best practices on data protection.
With the introduction of the EU’s General Data Protection Regulation (GDPR) in May 2018 replacing the Data Protection Act (1998). This has become vital to avoid potentially large punishments in the future.
Key focuses must be on gaining, distribution, storage and destruction of client information. It is crucial that companies take on board the information provided by the Information Commissioner’s Office (ICO) and complete the registration self-assessment questionnaire to identify whether the organisation need to register with the ICO.
Under the Data Protection Act (1998) companies collecting information should use it for a specific purpose, ensure it is kept secure, only hold for as long as required and is accessible to the subject available on request.
The way in which it is stored is of great significance too. Considering the legislative requirements, information and documentation should be kept electronically and secure. Hard-copies need to be locked and secure in filing systems.
Best practice is making sure that all of the workforce is aware and understand the importance of data protection. Here are some tips that can ensure your organisation is protecting it's data:
Ensure your networks are secure at all times and checked regularly and are constantly backed up.
All devices have virus protection software, password protection, additional file/folder passwords as well as encryption.
Passwords are regularly changed and enforced by IT policies thus guaranteeing this happens.
Printed information isn’t left lying around, and if contents is sensitive it is passed to colleagues in resealable internal use mail envelopes.
Implement a printing system that enables only you to receive your printed document through security codes or swipe cards
When storing printed information, it is put in a secure and locked place. Where possible the document gets scanned, stored securely and electronically, and the printed material is destroyed.
Logixal support data protection best practices and help companies implement these through:
Managed Print Services (MPS) - hardware and print services that at are code or swipe card managed to ensure only you can print and collect information you are printing
Electronic Content Management (ECM) Systems that enable documents to be stored and managed electronically securely