7 simple tips to minimise the risk of a data breach

Adopt these simple data protection practices to be GDPR compliant

Data protection in today’s digital world is crucial. In the workplace it is something that should not be overlooked. The personal data your company processes is valuable, and any attempt to steal this information could be costly to your business. The rules around personal data protection were standardised in Europe in 2018. The General Data Protection Regulations or (GDPR) give businesses guidance on how to keep your business and customer data secure.

There are a number of very simple data protection practices you can adopt to become GDPR compliant. Here are a few simple rules to follow.

1. Appoint a data protection officer

Nominate a member of your team to be the dedicated data protection officer. They will oversee all staff training, all data protection issues and report any data breaches to the Data Protection Commission (DPC). They will also be the point of contact for anyone worried about data protection issues within the workplace.

2. Conduct regular staff training

Staff training is an essential part of keeping your data protected in the workplace. Around 95% of cyber security breaches are caused by human error. Ensure all staff know how to practice good digital security to try and prevent any issues occurring. Simple details such as being able to identify a phishing email, or updating your passwords regularly are common actions you can take to keep information safe. For remote workers, ensure staff are briefed on how to keep business data safe wherever they work.

3. Use a shredder

Shredding documents is an easy way of avoiding physical data being wrongly accessed. Any outdated printed financial or confidential data must be securely shredded. Don’t forget to also shred receipts and post it notes containing information such as phone numbers or email addresses. Old notebooks should be kept for as long as necessary and be shredded as they may also contain sensitive information.

4. Practice good record keeping

Filing documents in an organised way will not only help you access files with ease but will minimise the risk of documents or folders going astray. Have a system for archiving older files so that only the most relevant information is kept in your filing cabinets, and ensure a digital copy is taken before any information is shredded.

5. Adopt a clean desk policy

A clean desk is not only good for productivity but can also prevent a data breach. Ensure that all files are locked away at night. Avoid using bins under desks for another simple way of promoting shredding or paper recycling.

6. Practice good digital awareness

Good digital security is useful not only in the workplace but for your personal data too. Regularly update workplace passwords, encrypt financial documents and be on the lookout for suspicious messages that could be trying to obtain information. Avoid using workplace IT for personal admin such as banking or social media.

7. Recycle responsibly

Remember to dispose of your old IT equipment with care. Hard drives must be degaussed (wiped using magnetic technology) to ensure that no data remains then shredded securely. Don’t forget to carefully dispose of machines such as photocopiers and printers that store digital information on a hard drive. If your office recycles paper, make sure staff know not to put confidential information in the recycle bin and to shred this instead.

We stock a range of products to help you be GDPR compliant, including shredders, digital hardware and secure filing cabinets. For further information on data protection, please see the Data Protection Commission for Ireland.