When thinking about the General Data Protection Regulation (GDPR) many businesses tend to only think about how their data is stored; but what about how their data is destroyed?
Whether storing confidential documents on-site or at a secure offsite facility, documents must be protected from data breach, accidental destruction or sabotage and they must be accessible when needed. However, for any organisation to be fully GDPR compliant, documents must also be destroyed securely when required.
Organisations storing documents on-site will often choose to destroy their documents in-house. Not only does this take time away from the company’s workforce, but it can also bring about risk of non-compliance.
When shredding on-site, companies must ensure that all records are kept confidential when in transit from storage to destruction. If the correct procedures aren’t adhered to, this may pose a risk of data breach. Files left around the office may be seen and/or moved by unauthorised employees, or – depending on the nature of a business – may be subject to theft.
By opting for a secure and accredited offsite shredding service provider, companies need not worry about the security of their confidential documents from collection to destruction. The Maltings is a Registered Waste Carrier, which operates using GPS tracked service vehicles, driven by fully trained and DBS checked archivists. Companies utilising our services know that their confidential documents are in safe hands from the moment we collect from them.
In order to remain fully compliant, proof of destruction must be produced for files destroyed. Certificates of destruction can be produced manually, however, this adds to the amount of time spent for one or more employees to destroy old data. For each collection of confidential waste, we provide a fully comprehensive certificate of destruction, recording the volume and date of shredding, so that our clients have a full record of all documents destroyed with us.
What some may consider to be a small detail, but can have a big impact on the level of risk of data breach, is the shredding technique used. The typical shredding method is known as strip cut shredding, which cuts each document into strips of around 2100mmsq. A far safer option that makes each shredded document far harder to reassemble is known as cross cut shredding, which cuts each document into smaller segments of around 10-20mmsq. Although cross cut shredding is not currently a legal requirement for the destruction of confidential documents, it is a far greater method to safeguard against data being recovered after destruction. For this reason, cross cut shredding is the method we adopt at The Maltings when destroying our clients’ data.
Data destroyed at The Maltings is further protected by shredding in bulk. In-house document destruction usually consists of small volume, if not single document shredding, which if utilising the strip cut method makes reconstitution of these documents less of a challenge. Through bulk shredding, particles are mixed in far greater volume, making the task of piecing a document back together, impossible.
As part of The Maltings’ secure shredding services, we provide our client with secure lockable consoles or bins for a scheduled collection service or we can provide confidential waste sacks for those in need of a more ad-hoc solution.
To talk to us about how our services can help your company stay GDPR compliant, call us on 02920 793 434 or email us at firstname.lastname@example.org.