General Data Protection Regulation (GDPR) and Document Management
GDPR takes effect from 25th May 2018 and brings data protection legislation into line with new, previously unforeseen ways that data is now used. This law (it is not a Directive like the the 1995 EU Data Protection Directive which it supersedes) requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly.
The GDPR introduces tougher fines for non-compliance and breaches than the 1995 Directive, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.
Your Office Print and Document Management Processes – getting GDPR Ready
Ensuring that your office print equipment and document management processes are compliant with GDPR is critical in two key areas:
Printers & Internet Security
Printers that are connected to a network create a potential internet security risk. Printers on a network can be open to access from the outside world. You need to make sure you have the necessary internet security in place to prevent that from happening, so that in the context of GDPR personal data is secured.
Managing Paper & Printed Documents
Printed documents need to be effectively controlled and secure. Under GDPR you need to have clear document handling processes in place to manage and account for all instances of personal data. This includes printing, scanning and copying documents containing personal data.
Ask yourself a couple of questions about paper documents in your organisation:
- Can you describe the end to end process for handling a document containing someone’s personal data?
- Is every paper document accounted for when it comes off a printer?
- Can you provide an audit trail for every printed document?
- Can you track a paper document right through your organisation?
If the answer to any of these questions is no then you are almost certainly not GDPR compliant. You need to make sure you have a process in place for the life of the printed document, and make sure that every piece of paper containing personal details is accounted for and managed effectively to comply with GDPR.
GDPR means you will need to give individuals’ Right to Access their stored data, as well as their Right to Erasure / Right to be Forgotten for that data. In both cases are you sure you could access all the personal information you hold on that person, both electronically and on paper?
We have the solutions to ensure you comply with GDPR:
Electronic Document Management.
We have years of experience in implementing effective Electronic Document Management solutions in businesses, using scanning and text recognition technologies. Streamlining your paper systems into electronic based systems makes it easier to comply with GDPR by tracking your documents securely and consistently.
Managed Print Solutions.
Managing the volume of printed documents within your business will make tracking documents easier. Using Managed Print Services we have successfully saved businesses up to 50% in print costs by identifying ways rationalise printing within organisations. In the context of GDPR, this expertise combined with our understanding of the GDPR Regulation, means that we are ideally placed to ensure your print systems comply.