The cost of being sloppy with your confidential waste shredding is spiralling.
The average fine for data breaches has doubled over the past year, City law firm RPC has calculated. It says the Information Commissioner’s Office imposed almost £5 million in fines between September 2017 and September 18, an increase of 24% on the previous year.
The average fine is now £146,000, a substantial potential cost facing any business which does not handle its confidential waste shredding or data storage correctly.
Recent high profile fines include the £500,000 imposed on credit-reporting company Equifax after a hacker gained access to the personal details of 15 million people, and the £500,000 imposed on Facebook for its role in the Cambridge Analytica scandal. Up to 87 million account holders had their data harvested without their knowledge.
The Facebook fine was imposed under the Data Protection Act 1998, rather than GDPR where the maximum penalty is up to 4% of worldwide annual turnover or €20m, whichever is greater. The incident fell outside RPC’s calculations because of the reporting time.
However, RPC says this increase in fines should be a “wake-up call” to businesses to ensure their confidential data is held and destroyed securely.
Given the fact SMEs make up 99.9% of the businesses in the UK, according to Department for Business, Innovation, and Skills statistics, most have fewer than 50 employees and the average UK annual turnover is around £500,000, the burden of the average fine for data breaches could be devastating for them.
How can confidential waste shredding help keep your online data safe?
One of the easiest ways for hackers to gain access to your system is to check through your waste paper or old hard drives and USB sticks to get information on passwords, software, hardware, and IP addresses which access it regularly.
Think about all the information we print out, write on sticky notes on our desks, or keep filed away in drawers, and all the data we have on old hard drives.
If you’re disposing of that sort of confidential paper waste or waste media, secure shredding ensures those details don’t pass into the hands of hackers.
It also ensures you’re meeting your requirements under GDPR, the General Data Protection Regulation.
Your data controller will need to show the systems you have in place to ensure the personal data you hold about staff, customers, and suppliers is secure.
Any documents you no longer need with personal details such as names, addresses, email addresses, phone numbers, National Insurance numbers, copies of ID documents such as passports and driving licences, or medical or disciplinary records would fall into the confidential waste category.
Why you should choose Taclus Confidential
- We offer confidential paper waste, removable media, and hard drive destruction services at affordable prices.
- Taclus Confidential holds the accreditations for ISO 9001:2015 for quality management and ISO14001:2015 for environmental management and has been certified by independent auditors IQS for both.
- Taclus has also been selected as the confidential waste management partner for Keep Wales Tidy.