• The significance of building a data protection culture

        • Data protection regulations are clear and have been for some time now. So why are organisations still tripping up? Mark Harper of HSM investigates how a lack of company culture may be affecting their approach to data protection.

          Back in May 2018, GDPR came as a culture shock to many. But in reality, it never should have been like that. Despite organisations claiming that sensitive and confidential customer information was being used in the right way, it wasn’t. The benchmark was raised. Many businesses had become too complacent and the blurred lines of what was the right and wrong way of processing sensitive data had suddenly been made a lot clearer.

          For some, their methods and ideologies didn’t change much, meaning internal culture towards data protection remained the same. But as new data protection cases continue to make the headlines, it’s clear that outdated methods and cultures simply won’t cut it anymore.

          With data security experts continually reminding businesses to move away from a ‘tick box’ mentality, how should organisations force that change? Well, aside from data protection officers, the responsibility falls under directors and upper management. Company culture needs to be driven from the top and developed throughout.

          Education plays a huge role in the success of this. Although we can’t expect each individual to understand the ins and outs of data protection, courses and expert guidance is now (and has been for some time) readily available. For example, the key to sensitive data destruction is appropriate levels of security.

          Under GDPR, strip-cut shredding levels P-1 and P-2 simply can’t be considered to provide adequate protection for personal data. And while tailored advice on how to remain compliant is available, most organisations should consider a minimum standard of P-4 crosscut or P-5 micro-cut levels of security. By sharing that guidance, both individuals and larger departments can understand the responsibilities of the business, accountability and how to approach their role throughout the process of data destruction.

          In addition, business leaders must set aside a budget for robust data destruction methods. Without it, cheaper alternatives are sought, which can bring with them unsightly and highly expensive results. As most security experts agree, for confidential paper documents, the most secure method of destroying data is using an internal shredder at the correct security level. For larger departments, this may mean multiple shredders are needed to ensure each individual can complete their role effectively.

          And while the approach to methods may differ depending on factors such as facility size or information processes, there are best practices that can be ingrained into almost any company culture. For example, many security experts promote a ‘shred little and often’ approach to ensure paper documents don’t build up and are subsequently at risk of loss or theft. 

          By implementing these small, but positive changes to sensitive data destruction procedures, - that are enthusiastically backed by senior management - an organisation can feel comfortable in knowing that they have done everything they can to apply a positive data protection culture.

          As we approach a new era of GDPR, organisations need to truly reflect on whether they themselves must enter a new era of internal data protection culture.

          All departments, from top to bottom, should be proactive in deciding whether their sensitive document destruction procedure is appropriate to their real requirements. Only when businesses have a holistic approach to data protection culture can they be sure that they’re tackling document security correctly.

        • Stay up to date - Click here and register for FREE OEN online membership and enjoy unlimited access to a host of benefits including the exclusive members area of the website, downloadable business tools, current and back issues archive, priority breaking news alerts, weekly e news summary and the OEN app

        • Related Articles

        • Failure to shred puts UK businesses at risk of fraud and fines

          Failure to shred puts UK businesses at risk of fraud and fines

          Thursday 23rd Jul 2020 by clareb
          Quadient has announced the findings of a survey into attitudes and behaviours relating to storing and destroying sensitive printed materials in UK offices. The survey of 1001 UK office workers (excluding sole traders) conducted in April 2020, sh...Read More...
          Lockdown easing reducing workplace mental health stigmas

          Lockdown easing reducing workplace mental health stigmas

          Monday 6th Jul 2020 by clareb
          While lockdown restrictions are continuing to ease, certain changes to the way we work – such as widespread remote working – look set to become a permanent fixture in some capacity. With the workplace still in a state of flux and many emp...Read More...
          Shared office spaces tentatively reopen

          Shared office spaces tentatively reopen

          Friday 5th Jun 2020 by clareb
          Across the network of 5,000 shared office spaces in the UK, the task of being able to reopen safely has been a huge one – requiring careful planning and determination in the face of negative press and Government restrictions. Reopening a share...Read More...
                • About Us

                  OEN is the leading source of business news and information for buyers of office equipment, supplies and services within mid tier and up sized organisations. Our multi-platform approach delivers relevant, engaging and focussed content via our main printed magazine, bespoke guides and supplements, website, digital editions, apps, and newsletters with an unrivalled reach across the industry. A highly trusted and respected brand for many years, the print version of OEN last year celebrated its Diamond anniversary.

                  For our latest Media packs and more details on our range of services click here

                • View Latest Issue