Are You Observing Data Protection Day?
Today (January 29th) is Data Protection Day and while we hope that all businesses out there are fully compliant with data protection laws – especially important now that GDPR is an everyday reality for brands – having a specific day each year to remind companies of their specific responsibilities certainly can’t hurt.
The Council of Europe launched Data Protection Day back in 2006, with January 28th being the date that the data protection convention – Convention 108 – was opened to signature. Every year, parliaments, governments and national data protection bodies around the world carry out activities to raise awareness about the rights to privacy and personal data protection.
The UK’s data protection landscape has changed massively in the last 12 months, in large part because of the GDPR, dictating that all businesses holding and processing personal information – irrespective of industry or location – must prioritise data protection… and if failures happen in this regard, hefty financial penalties can be handed down.
If you’re keen to avoid being penalised in this way, you need to make sure that your IT department has put together a data assessment report so you know where any and all personal data is being held, and so you can document how this data is collected and processed.
Under GDPR, you’re also required to notify the relevant authorities if a data breach does occur, letting them know within 72 hours of confirmation of said breach.
From a business perspective, this means that you have to be able to understand who gained access to the information in question, what happened and when it took place… so you do need to have the right kind of robust technological systems in situ to make sure you can access the required information to give to the authorities if necessary.
One of the best ways you can protect yourself and your business is by restricting access to information so that only those who need to see it can. This will reduce the risk of data being leaked or breached, so make sure that you analyse and review your data handling processes and procedures on a regular basis to keep on top of this.
It’s certainly very useful having a Data Protection Day to remind you of your responsibilities where personal information is concerned, but it’s also important to remember that your responsibilities are ever present and you should be prioritising data protection on a day-to-day basis throughout the year.
A brilliant way of going about this is by focusing on confidential destruction of information and enlisting the services of a document shredding company in London, which can come in and ensure that all your sensitive data is properly destroyed in a safe and secure manner, thereby seriously reducing the risk of a breach.
This also means you can show the relevant authorities that you’re taking all the necessary steps to protect consumer information in the event of a breach.