Our recent blogs have focussed on the impact of GDPR around print devices and physical copies of documents, but in many respects that all relies on a degree of user management and human intervention – therefore common sense. There is another aspect of data management that needs consideration when taking GDPR regulations into consideration and that is the actual storage of soft copy documents, in safe and secure environments with appropriate management processes and controls around them.
Unless you are already using a dedicated document management system, it may be that certain files you hold or the way you store them leaves you vulnerable to breaches of GDPR regulations. To clarify this, when we speak about document management systems we mean software packages and systems that are designed specifically to store, index, monitor and manage electronic files – spreadsheets, PDF’s, office files etc.
For those using File Explorer or similar native built in/free to use filing cabinet systems, these do not, in our book, qualify as true document management solutions.
Probably the most obvious example is your data protection policy and any supporting documents that are created to govern your compliance with GDPR regulations. Documents that have a lifetime. These are not one-off documents that, once created, disappear into the abys. They should be agile refence manuals for day to day activity. In this respect they need regular review to ensure that working practices or the regulations themselves have not changed, exposing vulnerabilities. So a true document management system can use workflow to monitor the age of documents and prompt controllers to review them when required or if necessary, delete out of date documents which pose a risk to data protection.
For those purchasing or using data, which always carries a timed licence, for marketing purposes date sensitive management is incredibly important. How many companies reading this know they have a licence but cannot be sure when it expires and whether the data they use for marketing purposes is still valid? Document management systems can manage this for you.
Utilising workflow, user permissions and document control indexes true document management systems/software can be a vital tool in helping you achieve GDPR compliance, removing the reliance on significant manual intervention.
As we work with more and more companies to develop their GDPR policies and practices, it is clear just how deep the regulations go. So introduction of systems and processes that are fully integrated to your other software applications and hardware/devices will help minimise risk and ensure compliance.
Are you paying too much for print?
The title for this should probably read ‘You ARE paying too much for print’ as it is increasingly rare that we come across a company that cannot make savings across their print estate. This is not for the want of trying as most companies understand that the provision and maintenance of devices and consumables is normally a big chunk of their IT spend.
So, in this blog we wanted to share the benefit of our experience in this sector to try and help more of you drive down costs. Some of the ideas below may seem obvious but the small costs soon add up and if you haven’t reviewed your print estate recently, then maybe these five top tips will help guide you:
There are plenty of unique criteria that may only apply to you and so if you need some more bespoke advice and support around efficiencies and cost reductions please let us know.
GDPR Compliant Workplaces
We’re used to hearing horror stories of laptops and USB keys going missing stacked full of data, or websites being hacked to access personal information; but despite spending huge budgets on securing electronic data, most companies still fall foul of new data protection regulations due to hard copy material.
GDPR (General Data Protection Regulation), which comes into force in May 2018, has once again shone a light on the subject of data protection and will introduce far reaching conditions on holders of data to ensure they are doing all they can to protect it. But walking around most offices, many have overlooked some of the most obvious breaches.
Working with clients to introduce print efficiencies and reduce costs, we spend a lot of time around printers, scanners and other networked devices that hold and generate significant amounts of data. Whilst most workstations are secured, it is amazing how few devices, such as printers, are not.
Printers are, to all intents and purposes, PC’s and if they are not protected can provide the same level of access to your network and data (as demonstrated in this HP video). Furthermore, incorrectly configured print management systems can result in secure and confidential documents/data popping up on machines around the building and not always in the right places. Not a problem if you remember to pick them up immediately, but how many times do we forget, leaving the content on display for anyone looking?
In the last 20 years, secure destruction of documents has avoided personal data ending up in freely accessible bins or blowing down the street, but these bags of documents are a data dream, all neatly packed together in a handy bag that can be picked up and taken away. How easy is that? By putting documents in these bags, we get a false sense of security, but actually all we are doing is creating a nucleus of data.
So, as we help clients prepare for the introduction of GDPR, one of the first things we do is a walkaround of their premises to point out these seemingly obvious issues. You’d be surprised how many organisations with highly secure, locked down IT processes are undermined by the simplest things.