How the new EU GDPR impact your business
Since coming into force in May 2017 the new European General Data Protection Regulations (or GDPR) have resulted in a significant tightening of the laws surrounding the way that customer data is kept and processed. Whilst not a replacement for the existing UK 1998 Data Protection Act this European legislation has a significant impact on British businesses – even those which previously may not have been affected. As a consequence some UK companies – especially small to medium sized enterprises – may still not be aware of the obligations placed them in respect of having suitable information governance and records management in place. This leaves them wide open to the risk of incurring some quite stiff financial penalties, not to mention the adverse publicity and damage to a business’ reputation that such a prosecution would bring.
If you don’t already have a robust and comprehensive records management system in place it’s highly likely that your business is already in breach of the GDPR. In particular, great emphasis is now placed on having a very clear data retention schedule in place – this is due to the European legislation’s requirement that customer data is not kept for longer than necessary. In addition, once a customer’s personal data or records are no longer required they must be disposed of in a secure manner which prevents any chance of retrieval.
A proper records management system isn’t simply a method of being able to easily lay your hands on records or data when it’s required (although this is a significant element). The process of correct information governance should also set very clear parameters on when data and records are no longer of any value – the idea of keeping everything “just in case” is no longer a valid strategy. Consequently, the EU General Data Protection Regulation has put the issue of both records management and data protection very firmly back on the business agenda of many companies.
Archive-Vault are in the perfect position to provide your business with a professional records management service: Not only handling your day to day storage and fast retrieval requirements but ensuring that all your legal obligations regarding data protection are being met.