One month until new data rules
DDG warns: clock is ticking to GDPR
Data protection is changing: are you ready?
The clock is ticking. Document Data Group (DDG), one of the UK’s most dynamic office technology specialists, warned today that there is only one month to go before the introduction of new data protection rules laid down by the European Union.
The General Data Protection Regulation (GDPR) (2018), which comes into effect on 25 May, is designed to protect the personal information rights of some 750 million people in the EU countries – backed by hefty financial penalties for businesses which do not comply.
But while the imperative nature of compliance has been widely flagged up, many businesses are still unsure about what is actually required of them. To address this knowledge deficit, DDG has been proactive in highlighting what can be done.
As well as accommodating the huge influx of business since January, including daily installations, DDG has set up seminars in conjunction with Scottish law firm Anderson Strathern and with the Federation of Small Businesses (FSB) in order to reach as many enterprises as possible.
It has also conducted two seminars with Royal Bank of Scotland, one with the Clydesdale Bank and it works closely with the Scottish Business Resilience Centre, which aims to create a secure Scotland in which business can flourish.
DDG Managing Director David Forsyth (right) said: “As well as working with key influencers, Document Data Group has been actively seeking out events and exhibitions in order to spread the word about the implications of GDPR.
“This is an issue which affects every business in every sector. It is not just a problem for large firms – anyone who holds personal details, such as date, name, email address, date of birth or credit card details, is affected. And penalties for non-compliance are based on turnover, with maximum fines of €20 million or 4% of annual turnover, whichever is the greater.”
Douglas McLachlan, a partner at Anderson Strathern specialising in Data Protection and the GDPR, said: “DDG has been very active in getting out the important messages about GDPR.
“The changes to the laws of Data Protection and Privacy can seem daunting at first, but compliance is achievable if you take the time to look at and put a little thought into your systems for managing, storing and protecting people’s Personal Data.”
DDG has been stressing to companies that GDPR compliance is now an ongoing issue and illustrating how Document Management Systems (DMS) are of crucial importance to the creation, storage and control of documentation.
To bring best DMS practice to the forefront of its advice to clients, the company now highlights three key areas:
DMS documents are held as images and all files are encrypted on entry so that, even in event of an attack, the risk can be minimised. Encryption of data reflects best practice and goes a long way to being compliant with GDPR.
Role Based Access Control
One of the key criteria of the GDPR is ensuring information is locked down. Staff should only have access to the information required to do their job and, with a DMS, rules can be put in place to restrict access to information.
It is the business’s responsibility to ensure paperwork is stored not only safely but also only for the appropriate period. An effective DMS can help maintain best practice by storing personal data correctly and with the facility to flag-up documents at the correct time for deletion.
David Forsyth added: “Responsible companies which handle a lot of personal data will continue to treat it with the respect it deserves. A DMS can help them to take the steps towards compliance.”
This article is supplied under the terms of the DB Direct service