contact call08003764422

 

Restore Datashred News

Handling Data Post Brexit
/ Categories: Datashred News, January

Handling Data Post Brexit

This transition period for the UK as it leaves the EU it’s important to make sure that you are clear on the rules around data handling and are prepared.

It is still unclear exactly what changes businesses and industries will need to implement in order to function under new ways of working once the United Kingdom is operating independently. What we do know however, is that the majority of the GDPR legislation offering increased data protection to individuals living or working in, or having dealings with, the European Union, was mirrored in the UK’s Data Protection Act of 2018.

The DPA 2018 sets out seven key principles for data handling:

· Lawfulness, fairness and transparency

· Purpose limitation

· Data minimisation

· Accuracy

· Storage limitation

· Integrity and confidentiality (security)

· Accountability

While there are subtle differences in the scope of both sets of legislation, such as the powers invested in the Information Commissioner’s Office (ICO) or the requirements for processing criminal data, these do not change the need to ensure watertight confidentiality for personal information, from the moment of its creation to the moment of its destruction.

What constitutes confidential information?

It might be easier to ask: ‘What doesn’t? as HR records, financial and accounting documents, product development presentations, customer correspondence and banking details, for example, are easy to identify as ‘private’ and needing to remain so. There are also email exchanges that may include one customer and several departments within one business, telephone calls, which are often recorded for training purposes, and the individual’s right to be deleted from an organisation’s systems. It’s essential therefore to consider how many of these instances occur within your business so you can identify what must remain confidential until the point of destruction.

What does this mean for all those who hold, handle and process confidential data in any format?

This is the same as being GDPR compliant – making sure to close all gaps and safely carry out confidential data destruction that could present risk of data breaches (and resultant heavy fines) occurring. The best way to do this is to use professionally managed data and records management systems that include well informed teams and colleagues, file, disk and back-up tape management and have a correctly implemented retention and disposal strategy. 

This is where end-of-shelf-life, secure, professional data shredding is crucial.

How safe and secure are shredding services?

Correctly managed, your confidential waste will have an unbroken chain of custody. This means that it is handled by security-checked, trained operatives, that it is audited and certificated through EDM and CRM systems and that at no point is anyone allowed to get their hands on your information who shouldn’t.

Professional shredding is therefore one of the most secure services for confidential material and document disposal. At Restore Datashred, we are committed to data protection and customer service excellence and have worked hard to achieve extensive accreditations to give you peace of mind that you are working with data shredding and disposal experts.

Some of our accreditations:

ISO 9001

The service quality standard provides you with a guarantee that our service processes are based on best practice. As part of ISO 9001, we have both BSEN15713, the European Shredding standard, and BS7858, the Staff Security Vetting standard – both of which are key parts of our security protocols and ensure your confidence in our processes.

ISO 27001

This standard highlights our commitment to effective information security and means that all our employees are security checked to BS7858.

We are PCI-DSS compliant – this set of standards is used by the payment card industry and is designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. It is an accreditation that must be achieved every year, so there’s no resting on our laurels.

Most important of all, we are registered with the Information Commissioner’s Office (ICO) – as required by the Data Protection Act 2018.

Restore Datashred: we are prepared

If you have been contemplating how to dispose of confidential documents, digital media or branded textiles should trading conditions and regulations change in January 2021, why not give our friendly and well-informed customer service team a call on 0800 376 4422 to discuss how we can destroy it safely, securely and compliantly. We offer both on-site and off-site data destruction services to find the perfect service for your needs. Find out more about our services at www.restore.co.uk/datashred

Print