In previous blogs, we have talked a lot about GDPR. The law is constantly changing to reflect concerns about privacy. People are becoming more and more aware of how their personal information is gathered, stored and used. Unless you store and dispose of confidential information properly, you run the risk of a hefty fine. This is all well and good, but how strictly does the government actually enforce GDPR? Do you really need secure shredding services to protect from data breaches?
In this week’s blog, we are going to highlight the Data Protection Commission’s annual report. The DPC is responsible for upholding GDPR in Ireland. Its annual report gives a detailed summary and breakdown of the data breaches that occur in a given year. These statistics demonstrate that the imposition of fines and audits are far from idle threats. Document destruction must be taken seriously, and non-compliance is punished. The DPC means business. Let’s look at some of the figures and statistics:
Paper-Related Data Breaches
Naturally, the scope of the DPC’s report is very wide. We store a lot of information digitally, so many of the recorded data breaches are digital. These include hacking, unauthorised access to online accounts, or email-related offences. However, paper-related data breaches account for a significant proportion. There were:
- 653 data breaches related to paper out of a total of 6,549.
- 318 data breaches because of unauthorized access to documents.
- 219 data breaches because of paper lost or stolen.
- 116 data breaches because of official documentation lost or stolen.
As you can see, it is not rare for the DPC to enforce the rules. There is a very real risk of you incurring a fine unless you take your document storage and destruction seriously.
Key Takeaways
It is interesting to note that, although recorded data breaches fell from 6,783 in 2020 to 6,549 in 2021, the number of paper related breaches actually spiked from 296 to 653. Despite the fact that we are increasingly moving data storage online, physical documents pose as big a risk as ever in terms of data breaches. Even if your business stores all of its new information digitally, it is highly probable that you have older paper records that pose a data breach risk. If there is personal information in any of these records, you cannot hold them indefinitely. This is reflected in the report by the 318 data breaches due to unauthorized access to documents.
Secondly, 335 of the recorded data breaches were due to documents or paper lost or stolen. In other words, it is not enough to simply get rid of old files, you need to demonstrate that it was done securely. State institutions in particular, should take note that of the 116 data breaches because of official documentation lost or stolen, 108 were public sector documents.
Secure Shredding Services
The Data Protection Commission’s report highlights why it is so important to bring in a shredding specialist such as Pulp. Here are some of the many reasons you should avail of our secure shredding services:
- We can purge all of your old, irrelevant, confidential documents quickly and efficiently with our One Off Service.
- We are 1 of only 6 NAID AAA certified mobile shredders in Europe. That means we comply with data protection laws to the highest possible standards.
- Our shredders destroy documents far more thoroughly than normal office shredders.
- We issue you with a certificate of destruction when we shred your documents. This means that you can quickly and easily demonstrate to any auditor that you have securely disposed of your confidential information.
The DPC has set a high bar for businesses in terms of data protection. Why take a chance on meeting these requirements by yourself when you can invoke the expertise of a shredding specialist like Pulp? We are 100% certain that our shredders destroy documents to the exacting standards of GDPR. Can you say the same of your run-of-the-mill office shredder? The DPC can and will penalise you for what may seem like minor lapses. Partnering with a company like Pulp, a company that knows the legal requirements inside-out and has a proven track record, is the only way to guarantee your compliance with data protection requirements. We can get it done quickly, securely, and cheaply. Call us today to find out more.