Data Protection at Work: Setting Up A Policy for Your Workplace

Datashredders > Data Protection > Data Protection at Work: Setting Up A Policy for Your Workplace

In an age where information can be shared far and wide at the click of a button, data protection has never been more vital. Breaching data protection act laws from your workplace can have dire consequences, including legal implications if sensitive or private information is shared. That’s why creating a data protection policy within your workplace is vital to ensure that all employees know the best methods of protecting client and company data and to help minimise the risk of any team members breaking the data protection act.

A data protection policy should include all the ways you wish your staff to work in order to make sure that data is kept private and confidential at all times. You must clearly outline what you do and do not expect of each of your employees when it comes to their working methods, while also ensuring that they have all the information they need in order to keep data private.


Shredding documents is by far the most secure way of disposing of any data, whether it’s confidential or not. Shredding documents is quick, easy and destroys the risk of sensitive data or information leaving your premises. Have Datashredders take care of your shredding by setting up a retainer deal – we can visit your premises regularly and destroy anything holding confidential data onsite. Your data protection policy should include instructions to shred all documents, letters, notes and printouts referring to the business or your clients, with details of the days and times you expect the mobile shredding truck to visit.

Secure waste container

Having a Datashredders secure waste container in your workplace helps you to ensure that sensitive information in any form is disposed of carefully and intelligently. A secure waste container cannot be opened once refuse is put in it, so documents and letters can’t be retrieved once thrown away. Include the location of your secure waste container in your data protection policy so that all employees are aware of its presence and what they should use it for. When we come to collect the shredding, each of our secure waste containers slots easily into our mobile shredder, so your confidential data is never touched by unauthorised hands.

Security vulnerability assessment checklist

Compile a list of all of the possible security weaknesses at your business, including areas where your technology is outdated, sensitive data that has to be shared among a lot of people thus increasing the risk of a breach, and particularly valuable information you hold which could be extra appealing to data thieves. Pay these areas extra attention, and set aside time regularly to go through each area, marking each as safe and secured as you do so.

Clean desk policy

It is a good idea to include a clean desk policy in your data protection policy. This will instruct employees not to leave files, letters, emails or documents scattered on their desk for wandering eyes to see.

Social media

Social media is everywhere and shouldn’t be missed out of your data protection policy. Make it plain and clear that you will not tolerate any information about the company, clients or other employees being shared on social media.


Your policy should outline any potential consequences or retributions which may the business may incur for a data breach. Your employees might not take the notion of a data protection policy seriously – but if they’re made aware that fines for breaches of the Data Protection Act can reach £500,000, they might just change their tune.