• The significance of building a data protection culture

        • Data protection regulations are clear and have been for some time now. So why are organisations still tripping up? Mark Harper of HSM investigates how a lack of company culture may be affecting their approach to data protection.

          Back in May 2018, GDPR came as a culture shock to many. But in reality, it never should have been like that. Despite organisations claiming that sensitive and confidential customer information was being used in the right way, it wasn’t. The benchmark was raised. Many businesses had become too complacent and the blurred lines of what was the right and wrong way of processing sensitive data had suddenly been made a lot clearer.

          For some, their methods and ideologies didn’t change much, meaning internal culture towards data protection remained the same. But as new data protection cases continue to make the headlines, it’s clear that outdated methods and cultures simply won’t cut it anymore.

          With data security experts continually reminding businesses to move away from a ‘tick box’ mentality, how should organisations force that change? Well, aside from data protection officers, the responsibility falls under directors and upper management. Company culture needs to be driven from the top and developed throughout.

          Education plays a huge role in the success of this. Although we can’t expect each individual to understand the ins and outs of data protection, courses and expert guidance is now (and has been for some time) readily available. For example, the key to sensitive data destruction is appropriate levels of security.

          Under GDPR, strip-cut shredding levels P-1 and P-2 simply can’t be considered to provide adequate protection for personal data. And while tailored advice on how to remain compliant is available, most organisations should consider a minimum standard of P-4 crosscut or P-5 micro-cut levels of security. By sharing that guidance, both individuals and larger departments can understand the responsibilities of the business, accountability and how to approach their role throughout the process of data destruction.

          In addition, business leaders must set aside a budget for robust data destruction methods. Without it, cheaper alternatives are sought, which can bring with them unsightly and highly expensive results. As most security experts agree, for confidential paper documents, the most secure method of destroying data is using an internal shredder at the correct security level. For larger departments, this may mean multiple shredders are needed to ensure each individual can complete their role effectively.

          And while the approach to methods may differ depending on factors such as facility size or information processes, there are best practices that can be ingrained into almost any company culture. For example, many security experts promote a ‘shred little and often’ approach to ensure paper documents don’t build up and are subsequently at risk of loss or theft. 

          By implementing these small, but positive changes to sensitive data destruction procedures, - that are enthusiastically backed by senior management - an organisation can feel comfortable in knowing that they have done everything they can to apply a positive data protection culture.

          As we approach a new era of GDPR, organisations need to truly reflect on whether they themselves must enter a new era of internal data protection culture.

          All departments, from top to bottom, should be proactive in deciding whether their sensitive document destruction procedure is appropriate to their real requirements. Only when businesses have a holistic approach to data protection culture can they be sure that they’re tackling document security correctly.

        • Stay up to date - Click here and register for FREE OEN online membership and enjoy unlimited access to a host of benefits including the exclusive members area of the website, downloadable business tools, current and back issues archive, priority breaking news alerts, weekly e news summary and the OEN app

        • Related Articles

        • 71% healthcare organisations more concerned than ever about insider threats

          71% healthcare organisations more concerned than ever about insider threats

          Wednesday 21st Oct 2020 by clareb
          Netwrix, a cybersecurity vendor has announced additional findings from its 2020 Cyber Threats Report. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing work-from-home initiatives changed the IT risk lan...Read More...
          Retailers must prioritise H&S ahead of online xmas sales spike

          Retailers must prioritise H&S ahead of online xmas sales spike

          Wednesday 7th Oct 2020 by clareb
          With tighter coronavirus restrictions forcing increasing numbers of Christmas shoppers online this year, compliance authority Bureau Veritas is advising retailers and logistics firms to prepare for the extra health, safety and hygiene risks this rise...Read More...
          Legacy print infrastructure is major barrier to digital transformation

          Legacy print infrastructure is major barrier to digital transformation

          Wednesday 16th Sep 2020 by clareb
          Lexmark recently commissioned IDC to conduct a study that uncovers dated print infrastructures as an obstacle to digital transformation. Despite three in five enterprises recognising that lingering print infrastructures are a significant barrier to s...Read More...
                • About Us

                  OEN is the leading source of business news and information for buyers of office equipment, supplies and services within mid tier and up sized organisations. Our multi-platform approach delivers relevant, engaging and focussed content via our main printed magazine, bespoke guides and supplements, website, digital editions, apps, and newsletters with an unrivalled reach across the industry. A highly trusted and respected brand for many years, the print version of OEN last year celebrated its Diamond anniversary.

                  For our latest Media packs and more details on our range of services click here

                • View Latest Issue