search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
DATA & DOCUMENT MANAGEMENT


errors could all lead to that dreaded data breach fine. Once paper documents containing private information are taken off-site, those confidential documents can be handled by multiple people as part of the process.


What’s more, you can’t be sure of the exact security level shredding services are shredding your confidential documents to. Many people think that their shredding service is shredding to a similar particle size as a cross cut office shredder, but often shredding trucks and off-site shredders will barely meet the lowest level P-1 DIN security standard.


Can you confidently say that you know what size your paper is shredded to? The new GDPR coming into force in May this year states you should, as you are still responsible for the security of your confidential personal information even after you have handed it over to a contractor to shred. So, what can be done to ensure you meet GDPR compliance when using a shredding service? Chiefly, you should audit your shredding service provider periodically to ensure they are providing an appropriate level of security.


Thoughts also then turn to the likelihood of errors and/or accidents. Whilst there are mobile shredding trucks, many external shredding services will pick your documents up to then transport to a shredding depot. Through transportation your confidential documents are at risk of breach via accidents, loss, driver error or even theft.


To put it simply, control is completely taken away from your organisation. It is also fundamental to know that you still bear the full responsibility for the security of personal information on the documents you have handed over, even when handed over to an external shredding provider.


What’s more, most shredding service providers issue a ‘certificate of destruction’ as a confirmation that documents have been destroyed. However, the certificate is meaningless – specific documents are not logged or individually tracked. It merely represents the fact that a large quantity of unspecified documents have been collected and destroyed to an unspecified standard – which offers no protection in the event of a data breach whatsoever.


However, when using an office shredder at P-4 or above you know the document has been securely destroyed beyond any reasonable doubt and there’s no need for a certificate to prove that this has been done successfully.


Shredding your profits In addition to the aforementioned security risks, monthly costs spent on external shredding services can quickly add up. With the impending regulations likely to increase shredding output these monthly costs can negate the originally offered cost effectiveness.


As many organisations are finding out, using an in-house solution is considered a more financially viable answer to GDPR compliance. A shredder can be up to 80% cheaper to operate over five years compared to a third-party shredding service. These savings aren’t only applicable for office-based organisations but they also apply to small and medium-sized-enterprises alike.


www.tomorrowsfm.com


An NHS establishment, Frimley Park Hospital, found substantial savings when installing a large HSM in-house shredder-baler machine. The hospital recovered their capital investment on the installation for less than 12 months’ cost of their former shredding service contract. Over a six-year period, they saved over 80% of costs which they would have otherwise incurred if they had retained their shredding service.


“A shredder can be up to


80% cheaper to operate over five years compared to a third-party shredding service.”


The hospital has also been able to generate income from the sale of their baled shredded paper waste. A secure investment, whilst also having the peace of mind knowing that confidential documents are safely and securely destroyed on-site.


Inner security GDPR awareness is now a hot topic, so organisations looking to implement an in-house solution should look to take action now.


In the first instance, having a clear data protection and shredding policy throughout your organisation is one of the best ways to remain compliant. It’s advised for teams to shred little and often and to secure all confidential documents by implementing a clear desk policy. Staff should get into the habit or routinely shredding everything as soon as the document is no longer needed.


Staff awareness is one factor to not be forgotten. Employing a data protection officer is the right way to begin preparation but it’s imperative that company-wide awareness and training are not overlooked. All staff within an organisation must understand the risks of GDPR, including what is classified as personal and confidential documentation, how to handle and dispose of it, and what to do when they suspect a data breach.


Whilst some may argue for the efficiency of third-party shredding services, it’s much safer to ensure all staff are aware of GDPR and deal with it in the most appropriate ways internally. After all, using a shred on-site policy is classified as a more secure solution under the DIN 66399 standard than subcontracting.


It’s important to consider the added security of shredding in-house. Using an internal shredding solution gives you and your organisation full control, removing all possible liability issues that may come with subcontracting. Not to mention the beneficial factors of long-term cost savings.


Dealing with GDPR internally means liability lies with you, and you only. Don’t compromise on security, maintain compliance internally.


https://uk.hsm.eu/cms/uk_pages/10150 TOMORROW’S FM | 79


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88  |  Page 89  |  Page 90  |  Page 91  |  Page 92  |  Page 93  |  Page 94  |  Page 95  |  Page 96  |  Page 97  |  Page 98  |  Page 99  |  Page 100