As the significant new data security regulation, the General Data Protection Regulation (GDPR), comes into force in May 2018, Darren Bird, Head of Technology at Xeretec, explains how businesses can stay compliant.
Irrespective of how security conscious we have become in the digital era, the recent cyberattack on the NHS was a sobering reminder about the online vulnerabilities that all private and public sector organisations are still exposed to.
Cyberattacks come in many forms, with many resulting in confidential data either being exposed or compromised.
But security breaches don’t just arise from large scale, high-profile attacks. Sometimes poor internal processes, or a lack of diligence, can result in a breach.
In a bid to force companies to be even more proactive in their efforts to protect company and customer data, the EU has announced the GDPR will come into action in May of next year.
In the case of a breach, the EU is warning of hefty fines of up to €20m, or 4% of a company’s annual worldwide turnover – whichever is greater.
Here are our recommendations to help avoid GDPR non-compliance:
Implement measures to keep your data safe:
The primary objective of the GDPR is to strengthen and unify data protection for all individuals within the EU. This will ensure all organisations provide a broader duty of care to their customers, to prevent their personal details and data from leaking, so it is crucial that businesses start to think about the security measures they will put in place to comply with the GDPR.
The EU specifies that personal data is:
“any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”
Don’t overlook print from a security perspective:
In the context of document imaging and print, it’s well known that unprotected print devices can be a source of data leaks. Private data is still being left unclaimed on devices, even though solutions already exist to mitigate the risks. While May 2018 may seem some time away, now is the time for all organisations to start assessing how ready and able they are to comply with the GDPR. Xeretec ensures that all its clients’ print is secure and has vast experience helping businesses to understand the security vulnerabilities print exposes them to.
Find print solutions to comply with GDPR:
Xeretec can also provide intelligent print management solutions that enable IT administrators to set up automated workflows. These can detect if documents contain specific patterns relating to data, such as bank or credit card details, personal health information, or sensitive company data. They can then redact any, or all, instances of that pattern in a document.
On top of that, they are sophisticated enough to flag up incidents of potential compliance violations to a company’s chief data, security or compliance officer, thereby acting as an early warning system ahead of a potential breach.
Having a secure print function is another way that businesses can help their print comply with the GDPR, as this only allows those authorised to release prints from a device via a secure PIN code or swipe card. This is a powerful way to stop unclaimed documents being left on devices and an effective measure to help prevent security breaches from occurring.
Combined, these solutions can help deliver the type of proactive security management that could easily halt the kinds of security breaches that the GDPR is trying to prevent, therefore helping businesses avoid paying severe fines.