Having adequate data protection in place is critical for any business, a breach of data protection law can compromise the business operations, damage the business’s reputation and could even result in a £500,000 fine.
The world of data protection can be an overwhelming one, so this quick list of data protection dos and don’ts was developed to help you make the right data protection decisions for your business.
DO Know the Risks and Your Obligations as a Business Owner
It is important to understand that not every organisation is the same. Each will have its own unique data protection obligations and level of risk. There is no one-size-fits-all method of protecting your business, so it is important that data protection and privacy policies be customised to your company’s needs.
DON’T Use Information For Any Other Purpose Than Intended
It is important to never use or allow anyone to use information for any reason other than what it was collected for. This could be a breach of privacy and confidentiality, as well as put the data at risk.
DO Educate Your Employees
It is important to keep all employees on all levels in the loop. Train your employees well on all policies and procedures, make sure they are aware of what papers to keep and what to throw away as well as which should be shredded, and educate them on the risks to data security and the importance of remaining compliant and diligent with data protection law.
DON’T Leave Information or Data Unattended
Never leave computer terminals unattended while logged in – not even for a few seconds! Make sure paperwork is not left on desks, printers and at fax machines and documents are always filed away or shredded after use.
DO Delegate Responsibility
Appoint a capable, trusted individual to have complete responsibility for all things confidential data-related. They should be in charge of ensuring confidential information is protected, never leaves the four walls of your office and is destroyed once it is surplus to requirements.
DON’T Ignore Security Updates
Almost all security software needs security updates or patches installed eventually, and failure to implement these updates leaves gaps in security which data thieves and fraudsters can exploit. Regardless of reasons you may hear in favour of prolonging or avoiding updates, you should always install them.
DO Encrypt Files
Encrypting files is of the utmost importance. Without encryption anybody who intercepts data from your organisation will have complete access to it, which could compromise client, staff and business security.
DON’T Use Business Computers for Personal Reasons
Statistics indicate that over 75% of employees use their work machines for personal activities – but your business’ security software may only be set up to protect threats which could come from areas and sites which staff use as part of their work.
DON’T Underestimate the Importance of Out Of Office Security
Many businesses are reaping the benefits of having employees do their job from remote locations, however this does not come without risk. Ensure remote workers are using safe and effective technology to minimise the chances of a security breach.
DO Shred Everything Once it’s No Longer Needed
You could have the most secure password and the most up-to-date virus, malware and hacking protection software installed, but it’ll all be for nothing if a bin-diver steals a few confidential documents and uses them at your and your customers’ expense. For any business concerned with data security, shredding is the best method of confidential document destruction, and we at Datashredders provide an industry-leading service.
Call Datashredders and we’ll visit your premises and shred confidential documents, as well as laptops, hard drives, data discs and anything else that could conceivably hold confidential information, issuing you with a destruction certificate to ensure your peace of mind and leaving you and your staff more time to take care of more profitable tasks.