The Biggest & Best Portal to the Professional Property, Workplace and Built Environment Community

Sunday, 16 June

In Shreds - Most Companies Still Failing On GDPR


It's over a year since GDPR came in to force and yet over two-thirds of poll respondents still think their organisation is not compliant.

This lack of confidence is according to the latest Twitter poll from organisers of the Infosecurity Europe exhibition. The majority of respondents (68 per cent) believe that organisations have not taken the EU General Data Protection Regulation (GDPR) seriously and are still not compliant.

A lack of doubt in its enforcement is reflected by further results of the poll. When asked if respondents believe that GDPR regulators are being too relaxed when it comes to enforcing standards and following up with organisations, almost half (47 per cent) agreed that they were.

Infosecurity Europe runs from June 4-6 at London's Olympia. It will see the release of an annual ‘State of Cybersecurity Report’. The report's author, Dan Raywood, said: “Compliance is a complicated trend to fully evaluate because while it is something that needs to be acted upon, the stronger enforcement and regulation that had been hyped in the build-up to GDPR have not really materialised. Therefore, it may force some to think that compliance does not have to be taken as seriously as we are expected to believe."

A contributor to the repoert, Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4, said, ‘While excitement about regulation has died down a little, the introduction of GDPR has had both positive and negative impacts. GDPR will remain a driver in the EU and beyond, as more and more organisations are changing the way they handle data in the face of changing regulatory requirements. GDPR and other compliance regulations have done a lot to promote the application of foundational information security and privacy-related practices. A potential downside, however, is that many organisations still assume that meeting a compliance requirement is the same as being secure - of course history teaches us that compliance and security are not the same thing.”

Attracting 6,421 responses, the Infosecurity Europe Twitter poll was conducted during the period 17-19 May 2019.


UK Businesses Still Are Not Ready for Compliance

Office supplies company ACCO Brands, Europe which own Rexel (the paper shredder company) has also conducted a 'one year on' from GDPR survey which found some firms have adapted quickly and with ease while others lag behind.

According to the survey, the EU Commission has received over 95,000 complaints in the time since the new rules took effect, the most notable example being the £44 million fine Google  incurred over how the site uses data to target ads.


What else did the survey discover?

  • 30% of survey respondents believe GDPR only applies to digital data - However, GDPR regulations apply to both digital data and personal data processed in a non-automated manner which forms part of or is intended to form part of, a filing system. While digital data breaches tend to grab most of the headlines, physical data non-compliance is just as much of a risk and is often overlooked.

The paper documentation a business keeps may contain private and sensitive data about its customers and partners, such as addresses, telephone numbers, insurance numbers, and more. Improper handling of this information can not only lead to large GDPR fines and penalties, it can also bring about negative consequences and unwanted solicitation for customers.

  • Many firms have invested  in new or improved cybersecurity measures, yet three quarters of businesses have yet to address issues with physical data. Many have moved their vital documents into digital or Cloud-based storage systems but have failed to devise an appropriate solution for handling the physical records once they have been digitised.

  • The loss or theft of paperwork are among some of the most common incident types reported to the Information Commissioner’s Office (ICO).

  • 53% of businesses still have zero or one shredder and 52% of consumers still don’t understand shredding security levels. Though GDPR does not specify which level of shredding security is required to be compliant, it is better to be safe than sorry. Cross cut and micro cut shredding are the most secure options, as they produce the small paper particles that are impossible to piece back together as opposed to large strips. Businesses with traditional strip shredders may want to consider trading up to these more secure cuts in order to fully safeguard data.

Picture: Rexel reckons companies have invested in cyber security to comply with GDPR but have forgotten about physical document management.



Article written by Brian Shillibeer


Related Articles

Facilities Show 18-20 June Excel London

Unless you've been on some kind of news blackout, you'll know that the Facilities Show takes place next week at London's Excel. We've got a preview and...

 Read Full Article
Flexi Work - Booty: 'It's In The Eye Of The Beholder'

Tony Booty says companies should look around carefully and grab some data before embarking on flexible working office schemes. Booty is a director at Abintra which...

 Read Full Article
BT Hangs Up On Property Connections

BT is to get rid of at least 270 offices around the UK by 2023 and consolidate down to just 30. The first eight locations nominated in the telecom giant's...

 Read Full Article
To Have And To Have Not - Connectivity Not Always A Given

BT may have decided that all its offices need to have super-fast connectivity but that is not a luxury all London landlords can offer, writes Nick Dutfield. Arguably...

 Read Full Article
Power Plants - Making Energising Plans Blossom

An online florist has identified 10 plants that possess qualities that can improve health and wellbeing and increase productivity in the office. The good folk at...

 Read Full Article
Furey Gets Wilder

Jackie Furey has taken the gloves off and thrown her heavyweight experience in to developing top tips to stop your office heating the planet. Unless you’ve been...

 Read Full Article
ÂŁ3.347 Billion Office Spend Outside Of London

The total investment volume and take-up of office space in 10 major cities across the UK in 2018 has been complied by commercial property specialists Savoy...

 Read Full Article
Anxiety For Whom The Bell Tolls

The results of a survey of UK office workers suggests that many of them are becoming increasingly anxious about answering the phone at work. Fear of making or taking...

 Read Full Article
Malicious Intent Is Biggest Threat to Personal Data

A social media poll has found that sixty-five per cent of respondents believe that humans pose the biggest threat to their personal data rather than cyber...

 Read Full Article
Most Organisations’ Biggest Security Concern Is Users

What Keeps You Up at Night – The 2019 Report looks at over 350 global organisations' security concerns and reveals people are the biggest perceived...

 Read Full Article