Print in the Channel - issue #8

CONFIDENTIAL SHREDDING

A cut above GDPR has put the onus on businesses and employees to dispose of their data in secure ways, wherever they may be based – although a significant minority do not do so. This is why confidential shredding is so important for all employees.

Hybrid working is now the norm for millions of employees across the country post- pandemic, but in some cases, security measures have not kept pace, which can leave businesses exposed to the risk of data breaches or falling foul of the General Data Protection Regulation (GDPR), both of which can have a serious impact on a business. A 2022 survey by Shred-it UK found that while 88% of respondents said they deal with confidential papers in their job, 24% said they do not always follow their workplace policy on destroying confidential information when working from home. The risk of confidential or sensitive information leaking out also increased, as four in 10 of those surveyed said their home workspace was shared with others, and half admitting that others in the house could access or see the confidential information. “Many workers are seeing the benefits that hybrid working can offer, but the survey results are concerning because they show confidential business data could be at a greater risk,” says Toby Black, Shred-it’s UK senior vice president. Shred-it’s survey also revealed confusion over who is mainly responsible for destroying and recycling paper and hard drives when working remotely. Of the 1,000 home workers polled in the online survey, 43% said it was their employer’s responsibility and 45% said it was theirs. In addition, 34% of those surveyed said they shred and recycle the paper, notebooks and printouts they use when working outside their office; but 18% don’t recycle shredded work documents when at home and/or just put documents in the bin. Other respondents admitted that they don’t have time or think it’s important to shred confidential documents. GDPR But this means that employees and businesses could be breaking the GDPR. “GDPR was introduced in May 2018 to regulate data protection and privacy across Europe,” explains Jeremy Cooper

from Fellowes. “Put simply, it refers to the process of ensuring that your organisation complies with the GDPR regulations that were introduced by the European Parliament five years ago. “The GDPR gives individuals more control over their personal information and ensures that companies and organisations are taking appropriate measures to securely protect this sensitive information no matter where their employees are working – in the office, at home or somewhere in between. “Non-compliance with GDPR regulations can result in severe penalties. If an organisation is found to be in breach of the GDPR, it could be fined 4% of its annual global turnover or 20 million euros, whichever is greater.” Elisabete Wells, regional marketing director, UK & Ireland, ACCO Brands EMEA, adds that it is a common misconception that GDPR only applies to digital records, when these regulations and their penalties apply to physical and virtual data. “With hybrid workers handling contracts, processing invoices and dealing with customers’ and team members’ sensitive information within the home environment, businesses and individuals risk being in violation of these rules, incurring fines, causing reputational damage and

Toby Black UK senior vice president

shredit.co.uk

24% [of respondents] said they do not always follow their workplace policy on destroying confidential information when working from home. “ ”

24

Powered by