Getting ahead of GDPR

On May 25^th 2018 one of the biggest changes ever made to the data protection laws will come into effect.

The General Data Protection Regulation (GDPR) will replace the Data Protection Act (DPA) and there are steps every single UK business needs to take to ensure it is abiding by the new rules. Although there are many similarities, there are also a lot of new elements which will need consideration. It’s also worth noting that although this is an EU Directive, Brexit will not have an impact – even after we’ve left the EU, GDPR will still stand as British Law

Studies are showing many businesses are worryingly underprepared. The Information Commissioner’s Office (ICO) has lots of useful information – including this 12 step plan. We’ve developed our own 10-point guide, to keep things nice and simple, which you can access here.

You can also find out what McCarthy’s are doing in preparation for GDPR here.

Put basically, the GDPR will increase protection of personal data for consumers, and hopefully leave them less open to being a victim of fraudulent activity. Individuals must now give consent for their personal information to be captured and kept – ready ticked boxes will be banned and people must actively choose to opt in, with companies keeping records of this consent. People also have a right to be ‘forgotten’ if they so request it. The regulations are relevant to any organisation which works within the EU and the penalties for breaking the rules are extremely tough. Instead of reaching the current £500,000 fine, companies found breaching the GDPR could find themselves £17 million worse off – or 4 per cent of their total worldwide annual turnover, if that’s higher.

Some organisations will have to designate a data protection officer, if they are deemed to hold public records on a significant enough scale. However, even if you don’t fall into that remit, it makes sense to have someone within your company who takes responsibility for ensuring you’re complying with the new regulations.

Get In Touch with our Safe Shred & Document Management Teams for Advice

Call: 0113 262 4000

Email: hello@mjmccarthy.co.uk

Visit: The Storage Centre, Meanwood Road, Leeds. LS7 2AH.

Here at McCarthy’s we’re taking the same steps as all businesses to ensure we’re compliant with GDPR. This involves checking our processes and records thoroughly, updating our website and data capture facilities and delivering staff training, so everyone understands the new rules and their part to play in them.

There are three ways we can help other organisations to meet their GDPR requirements:

• Confidential waste disposal – industrial shredding is the only failsafe way of disposing of confidential material that is in printed or written form. Standard shredders will only shred vertically, which can still be reassembled if someone really wanted to. We can provide locked bins to collect the relevant waste, which we can then cross-shred at our secure facility, or even on site in mobile vans. All of our team are properly vetted for security purposes. We then provide you with a certificate of destruction as proof.
• Electronic waste disposal – hard drives, USBs, laptops – all can contain valuable information which could fall into the wrong hands. Often wiping this data in the usual way isn’t enough to ensure it’s gone forever. We can wipe and then destroy your electronic equipment in line with the WEEE Directive.
• Document management – the new regulations mean you need to be fully in control of the files you keep – in terms of keeping them safe, how long you need to keep them and how you access them quickly if requested. Our document management service uses a barcode system to ensure you can easily find whatever it is you need, as well as allowing us to file information such as a date to destroy the documentation, which we can do automatically through our Safe Shred Our warehouse is protected by state of the art security systems, so you can be sure the items you leave with us are safe.

If you want to find out more about how we can help in relation to GDPR, please don’t hesitate to get in touch.