Why Just Buying A Shredder Isn’t Enough For Security
Since the introduction of the GDPR legislation last year, sales of home and office shredders have soared. However, as a recent article for Professional Security points out, this isn’t necessarily enough to ensure you’re not breaching data protection legislation as a business.
Writing for the news provider, Mark Harper, of office tech company HSM, explained that in some cases businesses may not be GDPR compliant simply by shredding documents. The confusion lies in the fact that there are seven official levels of security.
These denote the particle sizes that certain documents need to be shredded to. However, with so many options, companies may not realise that they’re destroying documents in the wrong way.
“Shredding sensitive data at an incorrect or unknown level can nearly be as detrimental as not shredding at all,” Mr Harper asserted.
Organisations, therefore, need to make sure they are clear on which security level different parts of the business should be shredding at, and what security level their shredders operate at.
If all of that sounds complicated, you may be better looking for confidential data destruction services provided by a company that will be familiar with the relevant legislation and therefore ensure that you’re on the right side of the GDPR law.
In many cases, it seems as though the focus has been on improving cybersecurity in many businesses. In fact, the 2019 Cyber Security Breaches Survey, which was published earlier this year, found that 30 per cent of businesses and 36 per cent of charities had made changes to their data security procedures following the introduction of GDPR.
Now it would seem it’s time to look at their physical data destruction practices too to ensure they’re fully compliant across the board.