GDPR Systems are only 20% of the issue…..
Regular visitors to our site and readers of our blog will know just how important print, print security and document management are in ensuring best practice and GDPR compliance. Yes, we have a vested interest in banging this drum and yes, we are working with clients to implement new systems, software, devices and processes to ensure they are compliant in plenty of time, but even we know that systems are only 20% of the issue.
The biggest part of GDPR compliance, the other 80% in fact is people – your people. Sadly, they pose the biggest risk in terms of data breaches or lax security. The good news is that if configured correctly, the 20% can control up to 80% of the 80% and provide fail safe measures to avoid issues.
Where, even the best thought out, GDPR processes will fall down is in human oversight. So, you have a policy and a process to manage the review of licences and expiry dates for data held on your systems. That job falls to a person, your data controller or maybe even someone without a specific documented remit in data protection. That person gets busy, that person gets ill or that person leaves – who picks up this activity and have they got the appropriate admin rights or skills to make the right decisions? The policy rapidly falls apart.
As previously documented here, the side of the business that we can help with – document management software, follow me print, secured network print devices etc. – can play a huge part in managing GDPR compliance. Workflow, user permissions and automated checks of document/data lifecycles can remove the manual intervention allowing users to go about their roles in the safest and most secure means possible. As well as providing compliance, correctly set up systems can also introduce valuable cost and time efficiencies.
You cannot remove people entirely from the system as the authors or users of the documents and data in question, and so there will always be an element of the process which relies on the human brain and/or common sense. But you can help them and support them by ensuring the 20% of your business that can be automated is set up in a manner which underpins and manages the other 80% to at least mitigate risk and provide a degree of fail-safe in the system.