QUICK QUIZ – Answer 5 questions to check if you are data compliant
The data compliance/protection genre can be an absolute minefield!
There are regulations and legislation that govern all of your data, whether it is soft or hard – that being either online or paper copies of documents. All of this is monitored by the Information Commissioner’s Office (ICO) who are an independent authority set up to be responsible for enforcing/upholding information rights and data privacy for individuals in the UK.
This organisation was brought into being to ensure businesses and companies took seriously the issue of data protection and compliance. Ignorance of the rules and regulations will not be considered a defence, so it is important to be able to certify that everything is being done to cover this important area of data security.
Outlined below are 5 simple questions that will determine your current level of compliance, perhaps highlighting the gaps you may have:
- Are you registered on the Information Commissioner’s Officer’s (ICO) Data Register?
Nearly all businesses, companies and organisations will be sharing or using data and should be registered. Depending on the size of the business and amount of employees will determine which tier they reside – there are three tier levels.
- Do you have a Data Protection Officer?
If you share or use data you are required to have a dedicated person within your organisation overseeing this. At the very least this person must be knowledgeable, independent and have a good understanding of the regulations governing data protection/compliance.
- Do you have retention schedules in place for your documents?
All documents will have some sort of level of shelf life, for some paperwork they are required to exist for 7 years, others much longer depending on what the documents are for. But the one thing they all have in common is that they are not be retained for longer than is necessary, hence the reason for a retention schedule which will signal secure destruction at the appropriate time.
- How secure are your online documents?
Long gone are the days when paper was the only way to store/record data. The vast majority of businesses hold at least some of their data electronically, either on a server or in the cloud. The rules that exist for hard copy documents apply in exactly the same way to “soft” files and it is the duty of that organisation to ensure that proper security is in place and that all data is protected.
- What process is in place to dispose of company paperwork?
It is important that every organisation puts measures in place to securely shred any hard copy documents that contain data (either personal or business). If any confidential documents were to be discovered in the public domain then the penalties for this breach could be very severe indeed.
The solution is to find a supplier partner that can help answer the 5 simple questions above, but also help with a lot more in the data compliance arena!
The Document Warehouse (TDW) can facilitate and help in this complex area – whether it is helping you register with the ICO, becoming your outsourced Data Protection Officer, putting retention schedules in place, implementing an Electronic Data Record Management System (EDRMS) or organising secure shredding for you, The Document Warehouse (TDW) has the expertise and knowledge to keep you compliant and protected.