The General Data Protection Regulation (GDPR) came into effect on the 25th of May 2018, and acts to better protect consumer’s data and empower them to have more control of how their data is used and stored. The penalty for a company breaching the regulations includes fines of up to €20 million fine or 4% of the company’s global revenue – whichever figure is larger – as well as other sanctions.
GDPR is enforced in each country by independent national agencies, coordinated by the EU-appointed Data Protection Supervisor, Giovanni Butteralli. The UK’s data protection agency is the Information Commissioner’s Office (ICO), who receive up to 500 weekly calls, most of which are about data incidents which fail to meet the GDPR reporting threshold.
The ICO reportedly has multiple ongoing GDPR breach investigations, including one against Ticketmaster, who suffered a data breach this June. According to Butteralli, data regulation agencies such as the ICO will soon be issuing the first wave of fines and sanctions against companies who investigations have shown to be in breach of GDPR.
How can you avoid being one of the companies facing penalties, fines and sanctions for being in violation of GDPR?
Lots of advice will suggest reviewing how you store and report on data, and while this is a good place to start, it is just that – a starting point for GDPR compliance.
One aspect of remaining (or becoming) GDPR compliant that many businesses unfortunately overlook is how they dispose of their end-of-life IT assets. Even after you have wiped or reset your company’s IT assets, they could still hold sensitive personal data about clients, customers or partners. Improper handling and disposal of these assets can leave the data they hold vulnerable to theft and misuse, a breach of data that your company would ultimately be held responsible for.
To protect your business from these kinds of data breaches, be sure to use a certified ITAD service provider, and be wary of those offering free IT asset collection and disposal. One way to narrow-down IT Asset Disposal companies that are secure is to check that they are ADISA accredited and use the highest level of data erasure software such as Blancco. Tier 1 is a Blancco Gold Partner, Registered Microsoft Refurbisher and a holder of ADISA’s Distinction with Honours certification since 2011.
If you are looking for secure, GDPR compliant IT asset handling services with unique social value benefits, get in touch with us today.