The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Thursday, 22 August

In Shreds - Most Companies Still Failing On GDPR


It's over a year since GDPR came in to force and yet over two-thirds of poll respondents still think their organisation is not compliant.

This lack of confidence is according to the latest Twitter poll from organisers of the Infosecurity Europe exhibition. The majority of respondents (68 per cent) believe that organisations have not taken the EU General Data Protection Regulation (GDPR) seriously and are still not compliant.

A lack of doubt in its enforcement is reflected by further results of the poll. When asked if respondents believe that GDPR regulators are being too relaxed when it comes to enforcing standards and following up with organisations, almost half (47 per cent) agreed that they were.

Infosecurity Europe runs from June 4-6 at London's Olympia. It will see the release of an annual ‘State of Cybersecurity Report’. The report's author, Dan Raywood, said: “Compliance is a complicated trend to fully evaluate because while it is something that needs to be acted upon, the stronger enforcement and regulation that had been hyped in the build-up to GDPR have not really materialised. Therefore, it may force some to think that compliance does not have to be taken as seriously as we are expected to believe."

A contributor to the repoert, Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4, said, ‘While excitement about regulation has died down a little, the introduction of GDPR has had both positive and negative impacts. GDPR will remain a driver in the EU and beyond, as more and more organisations are changing the way they handle data in the face of changing regulatory requirements. GDPR and other compliance regulations have done a lot to promote the application of foundational information security and privacy-related practices. A potential downside, however, is that many organisations still assume that meeting a compliance requirement is the same as being secure - of course history teaches us that compliance and security are not the same thing.”

Attracting 6,421 responses, the Infosecurity Europe Twitter poll was conducted during the period 17-19 May 2019.


UK Businesses Still Are Not Ready for Compliance

Office supplies company ACCO Brands, Europe which own Rexel (the paper shredder company) has also conducted a 'one year on' from GDPR survey which found some firms have adapted quickly and with ease while others lag behind.

According to the survey, the EU Commission has received over 95,000 complaints in the time since the new rules took effect, the most notable example being the £44 million fine Google  incurred over how the site uses data to target ads.


What else did the survey discover?

  • 30% of survey respondents believe GDPR only applies to digital data - However, GDPR regulations apply to both digital data and personal data processed in a non-automated manner which forms part of or is intended to form part of, a filing system. While digital data breaches tend to grab most of the headlines, physical data non-compliance is just as much of a risk and is often overlooked.

The paper documentation a business keeps may contain private and sensitive data about its customers and partners, such as addresses, telephone numbers, insurance numbers, and more. Improper handling of this information can not only lead to large GDPR fines and penalties, it can also bring about negative consequences and unwanted solicitation for customers.

  • Many firms have invested  in new or improved cybersecurity measures, yet three quarters of businesses have yet to address issues with physical data. Many have moved their vital documents into digital or Cloud-based storage systems but have failed to devise an appropriate solution for handling the physical records once they have been digitised.

  • The loss or theft of paperwork are among some of the most common incident types reported to the Information Commissioner’s Office (ICO).

  • 53% of businesses still have zero or one shredder and 52% of consumers still don’t understand shredding security levels. Though GDPR does not specify which level of shredding security is required to be compliant, it is better to be safe than sorry. Cross cut and micro cut shredding are the most secure options, as they produce the small paper particles that are impossible to piece back together as opposed to large strips. Businesses with traditional strip shredders may want to consider trading up to these more secure cuts in order to fully safeguard data.

Picture: Rexel reckons companies have invested in cyber security to comply with GDPR but have forgotten about physical document management.



Article written by Brian Shillibeer


Related Articles

To Kingdom Come - Fire Foiled Near Brit Land's Paddy Central

Sprinklers saved an office from being destroyed in the week ending August 16. They are on Kingdom Street - the same street as a prestigious existing office development...

 Read Full Article
Facial Recognition Now Available - But Trouble Brewing Ahead

A commercially available facial recognition system has just been launched. Meanwhile, developer Argent could be in hot water for using LFR and both the ICO and a...

 Read Full Article
New Plans May See Bishopsgate Goodsyard Delivered

The Bishopsgate Goodsyard may now progress to become a 10 acre mixed use scheme in the heart of Shoreditch, east London now Hammerson and Ballymore have submitted revised...

 Read Full Article
Flex At 25 - Just Flexing Its Muscles

Flexible working space and co-working space is still on the rise all over the world but the concept is at least 25 years old - so ThisWeekinFM decided to look back...

 Read Full Article
Tips On Joining The Net Zero Revolution

Net Zero by 2050 means businesses will have to change the way they operate - choosing to work with green-minded suppliers and cutting energy use are prime examples....

 Read Full Article
Tax Demands Transformation Starting With Soft FM

HM Revenue and Customs has awarded contracts for soft FM services including cleaning, waste, porterage, meeting room management, mail and food services worth £15...

 Read Full Article
A Talent For Finding Happiness

Britain’s Got Talent finalist Dave McPartlin has joined in the search for the nation’s happiest workers and workplaces. The National Happiness Awards, are...

 Read Full Article
Brighton Rocks - New Homes & Major Business Space Planned

What is being described as a 'once in a generation development’ has received the go-ahead. The New Monks Farm development in Lancing and a development at...

 Read Full Article
Facilities Show 18-20 June Excel London

Unless you've been on some kind of news blackout, you'll know that the Facilities Show takes place next week at London's Excel. We've got a preview and...

 Read Full Article
Flexi Work - Booty: 'It's In The Eye Of The Beholder'

Tony Booty says companies should look around carefully and grab some data before embarking on flexible working office schemes. Booty is a director at Abintra which...

 Read Full Article