B&M advise on upcoming General Data Protection Regulation Back

B&M advise on upcoming General Data Protection Regulation In just 12 months there are new data protection regulation coming into force, which will apply whatever the implications of Brexit may be. Secure shredding of business documentation is more important than ever when the regulation commences.The new legislation provides clear rules companies must follow when handling personal information.

Crucially, it affects all companies, anywhere in the world, if they are processing information about an EU citizen, then they must comply with the regulation. Enforcement will also be extended; once the new regulation comes into place, organisations that are not fully compliant will face fines of up to 4% of their global turnover.

Paul Curtis, Director at B&M Secure Shredding said “Companies will be expected to have a document management process in place, meaning they cannot hold personal information for any longer than necessary. They must also have a comprehensive data breach notification plan and clear statement in plain English about how they intend to use any data they gather. Public sector organisations with large amounts of personal data must appoint a Data Protection Officer (DPO) and private sector companies are also advised to consider this too.”

“Importantly for all companies, the GDPR required appropriate measures to protect personal data in the workplace. A Shred-everything Policy specifies that every document must be securely shredded when no longer needed. Under the GDPR every company must show compliance, and B&M Secure Shredding issue all customers with a certificate of destruction following every shred, covering them should they receive an audit.”
If companies are looking for further advice on remaining compliant ahead of the GDPR, B&M Secure Shredding can assist, by offering a fully accredited secure shredding service. Find out more at www.bagnallandmorris.com/shredding