Making print and document workflows GDPR compliant

Confidential data flows along your business’s print, scan and copying systems. Not only is it in the interests of your organisation to keep it safe, regulations make it a necessity.

With incidents such as the recent NHS hack imprinted on the horizon, the integration of security solutions into workflow processes is becoming all the more pressing. And, to complicate things further for your business, the General Data Protection Regulation becomes enforceable on 25th May 2018.

The GDPR will supersede national laws such as the UK DPA and the EU Data Protection Directive. So, how will this affect your print, scan and copy processes? As experts in document workflow security, RDT can bring your systems in line with GDPR to enhance process security and ensure you are compliant.

As such, to help you get started, here’s 7 things your business needs to know about GDPR.

1.GDPR: increase in fines

Lawmakers have highlighted a number of data protection provisions they considered to be most important. Infringement of these could lead to the imposition of fines of up to €20 million or 4% of global annual turnover for the following financial year.

Likewise, other breaches could trigger fines of up to €10m or 2% of global annual turnover.

2. GDPR: will affect all sizes of business

Small, medium, large: GDPR is set to affect all. Initially, the regulation will impact business with more than 250 employees that process more than 5,000 personal records every year. As time passes though, any organisation which manages personal data will be compelled to comply.

3. GDPR: encryption is compulsory

Under GDPR, encryption of personal data and its multitude of uses will be required.

4. GDPR: data subjects have the right to erasure

Unless your organisation is required to hold personal data for legal reasons, individuals will have the right to ask for it to be removed.

5. GDPR: reporting breaches

Experienced a breach? If so:

  • You must notify a local data commissioner within 72 hours

An appointed independent data protection officer is also mandatory for every organisation more than 250 employees.

6. GDPR: personal data viewed as a risk

Regardless of sector, almost every business handles the personal data of customers and employees. GDPR decrees that this data must be managed within a lifecycle defined by policies and compliance.

7. GDPR: will change privacy policies for non-EU countries

The General Data Protection Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union. Even so, it will affect businesses which reside outside the Union. And, as many predict, the GDPR could become the prevailing standard.

Feeling insecure about your print infrastructure?

Unsure how to comply with the GDPR? Document, print, process and data security specialists RDT are standing by to help.

Email, call 0344 264 0791 or fill in the form below:

Enquiry Form