No business wants to face a fine of £17.4 million. But this is the consequence for infringement of any of the data protection principles or rights of individuals.
In 2018 one of the biggest data-breaches seen in the UK was the theft of 12,000 files including 772 million email addresses and 21 million passwords. This put the information and private data of millions of people at risk. New GDPR legislation has insured that individuals and companies who compromise this data will be prosecuted. This breach could have been avoided!
The UK General Data Protection Regulation (UK GDPR) sets out the key principles, rights, and obligations for processing of personal data. Along with the Data Protection Act 2018 which applies to most UK businesses and organisations and governs the fair and proper use of personal information. It sets a basis of what personal data is, the protection principles, rights of individuals and the lawful basis for processing personal data. It states the consequences you could face from a data breach and the importance of reporting any serious data breach.
Despite this, companies continue to fall victim to data breaches. Often businesses overlook the importance of safely handling their data and taking the correct preventative measures to ensure no data is left behind. The only way to be absolutely certain you are protected against a data breach you must destroy every trace of data that is no longer in use.
1.Make data-security an essential part of your budget; It is crucial that when making a financial plan for your business that the secure handling of data is a priority. This will ensure that your data- security is dealt with and not delayed or ignored due to lack of budget to support it.
2. Essential training for staff members and a security driven work environment; The Information Commissioner’s Office (ICO), accidental disclosure or human error is a leading cause of personal data breaches. Training along with adopting a culture of security in the work environment. This will create an awareness from top down that information security is a priority. Policies and procedures should include comprehensive compliance standards.
3.Keep up to date with data protection legislation; Ensure you are aware of the data- legislation that affects your business and that your data partners are compliant with this and have the correct accreditations to comply. For example, ISO 27001.
4.Don’t Stockpile your data-bearing equipment; Research has shown the only way to guarantee destruction of information on data storage devices is to destroy them. At Disk Shred our custom-made mobile shredding equipment arrives to your site and destroys all your data-bearing media. The entire process is tracked with barcode scanning and in addition to the process being filmed on CCTV we also invite a member of your team onto our shredding truck to watch the entire process. You can be confident that your data is in safe hands and no data ever leaves your site without being destroyed.
5.Appoint a person or team to be responsible for the destruction of all your data-bearing media: Planning is crucial to maintaining safe practice. Create the best practice for your business, dependant on the size and scale.
By improving your approach to data-security will ensure you never face a data-breach. DiskShred is here to help you improve this aspect of your business and create peace knowing that your data is safe with us. Many businesses don’t take these essential steps. Even if your hard drives are stored in a secure place if the information is still intact there’s a chance that it could be opened. The shredding of a Hard Drive destroys the mechanism, drive platter, electronic elements. DiskShred shreds the entire hard drive into 20mm or 6mm pieces in all directions, using our industrial-grade shredding equipment. This permanently destroy the drive and with it any access to the data. Following the destruction of your data-bearing media service, you will receive your Certificate of Destruction as to provide you with an audit trail and validate that information has been destroyed in a compliant format under the GDPR.
At DiskShred we guarantee your peace of mind – so whether you are looking for a regular shredding or something a bit more bespoke, be sure to contact us. Our cost-effective solutions for shredding in Europe will have you asking yourself why you never used us before. All clients have specific requirements, so we tailor our approach around you and your needs. Our shredding process is simple – we go the extra mile to get the job done for you in an ultra-secure manner.
DiskShred can provide a complete end-to-end service for the disposal of your retired IT equipment. IT asset recovery can transform end-of-life IT equipment from a cost by unlocking residual value.