Prepare For The GDPR With Rexel Shredders

Prepare for GDPR

Data protection is incredibly important in business and the current Data Protection Act (DPA) has been in force since 1998. In May 2018 however, new regulations from the EU will be implemented with the General Data Protection Regulation (GDPR).

The GDPR will require organisations to ensure that they have sound security practices in place for electronic and paper based data. As well as this, in the unfortunate event of a data breach, potentially affected individuals must be notified.

While being an EU regulation, the GDPR has extensive reach as it applies globally to any organisation that controls or processes personally identifiable data about any people in the EU. Organisations are subject to this regulation regardless of where they are based geographically.

Due to these new regulations, it is vitally important that organisations adapt to the change by ensuring that not only electronic data security is adequate, but that their paper based data is also kept secure. A startling statistic is that almost two-thirds of offices have admitted to not shredding confidential information, putting this information at risk.

What Is New With GDPR?

Some of the differences between the DPA 1998 and the GDPR are new for individuals and did not exist under the existing legislation, whereas some did exist and have now been strengthened. These rights have been listed below:

  • The right of an individual to transport their personal data from one organisation to another
  • Personal data has to be provided in a structured and machine readable format
  • An individual can also request the deletion or removal of personal data
  • Any breaches of data must be reported to the supervisory authority
  • Any individuals who are affected must be informed
  • Local authorities no longer have to be informed when personal data is being processed
  • A record of processing activities under an organisations responsibility must be maintained
  • Data Protection Impact Assessments can help to identify high risks to the privacy rights of individuals
  • Any security recommendations and requirements should be based on a risk assessment
  • Organisations must be able to demonstrate their compliance with the GDPR

If an organisation fails to comply with the GDPR then there are strict repercussions with fines of up to 20 million Euros, or alternatively 4% of the Global Company Revenue, whichever is greatest. As well as this, organisations can be sued by a data subject within a court of law.

The introduction of GDPR will affect Data Controllers, who say how and why personal data is processed, as well as Data Processors, who act on behalf of the controller. A Data Processor must appoint a Data Protection Officer as well as keep records of all processing activities that they perform on behalf of clients.

Paperwork Is Still A Cause For Security Breaches

It may be common to think that because of the increased use of electronic data that paperwork is not a cause for concern anymore. But it is still a cause for many common security breaches as out of the 598 data security incidents that were recorded between July and September 2016, 14% were because of loss or theft of paperwork.

A further 19% were due to paperwork being posted or faxed to an incorrect recipient and 4% were because of data being left in an insecure location. 3% were due to the insecure disposal of paper, resulting in 40% of data security incidents being caused by paper according to the UK’s data protection regulator, the Information Commissioner’s Office.

Support GDPR compliance with Rexel shredders

What Can Organisations Do To Comply With GDPR?

It is important for organisations to ensure that they are compliant with GDPR and Rexel is here to help support compliance. While an organisation itself should be aware of GDPR, it is important to make sure that employees themselves are aware of the change in regulations. A lack of awareness cannot be used as an excuse, so make sure to have a firm and clear document shredding policy in place.

Shredding can often be a difficult and tiresome job, which can lead to high rates of employee non-compliance with document shredding. Investing in Auto Feed technology can make shredding easy and quick as research prepared for ACCO Brands by Deep Blue Insight found that 53% of employees adopted batch shredding.

This is where an employee will wait until they have a stack of documents before shredding them all at once. With Rexel Auto Feed shredders, the time taken to shred 500 sheets is drastically reduced to only 00:14s compared to 14:25s when shredding manually.

That is because with a Rexel Auto Feed paper shredder, paper can be stacked into the shredder, shut and then locked. The paper will be shred quickly and efficiently while the employee can continue on their daily business, ensuring that an organisation is on their way to compliance while maintaining their high productivity levels.

The Auto Feed shredders can also provide high levels of security, with the Rexel 750M Auto+ Shredder being capable of shredding up to 850 sheets of 70gsm or 750 sheets of 80gsm into 2,000 2 x 15mm micro cut pieces. This makes it particularly suitable for shredding confidential information or personal data.

Why not take a look at the range of Rexel Auto Feed shredders that are available on OPInfo to ensure that your organisation is ready for GDPR compliance? To find out more information about GDPR and how Rexel can help, visit

About Author

Sarah Jubb

Related Posts