Banner Blog

It's a legal requirement for anyone operating a business which handles personal data to fully comply with the rule of the GDPR, and this extends to ensuring all employees are aware of the obligations to securely destroy personal documents to avoid data breach.

As more employees work remotely, businesses must still remain compliant with the GDPR. Employees accessing sensitive data at home may be at risk of breaking rules, especially where paper data is involved, and we wanted to highlight this this National Fraud Awareness Week.

It's a legal requirement for anyone operating a business which handles personal data to fully comply with the rule of the GDPR, and this extends to ensuring all employees are aware of the obligations to securely destroy personal documents to avoid data breach.

As more employees work remotely, businesses must still remain compliant with the GDPR. Employees accessing sensitive data at home may be at risk of breaking rules, especially where paper data is involved.  

The GDPR, or General Data Protection Regulation, which came into effect May 2018, has drastically transformed the digital landscape.

Chances are, it has also affected how your workplace secures paper data, handles cybersecurity, and protects user information. 

But when it comes to remote work, employees are left guessing. In fact, HRZone’s 2020 report on HR trends found that 57% of employers didn’t have a formal remote work policy.*

So how does the GDPR apply to remote workers? Can you even remain compliant while working from home? This is what we’ll answer in this short post. 

The current situation has seen an unprecedented number of employees working from home, including those who have rarely worked remotely before. 

The information Commissioner’s Office (ICO) has signalled that it will take the current circumstances into account when considering enforcement action under GDPR.  However, the ICO will still expect employers to take appropriate action to protect information when working from home.

It may be a whole year since the GDPR law, but many UK organisations are still yet to comply, according to research.

Of 23 personal data requests made to companies in the UK, 74% failed to address these requests from individuals seeking to obtain a copy of their personal data, within the one-month time limit required by the GDPR.

And, in the last year, fines totalling over £49 million have been issued to 91 companies around the world for failing to follow GDPR rules, including nearly £44 million against a single organisation. Although the European Commission did not levy the full 4% of the companies’ total global revenue, which they could have done, it’s still a sizeable sum.

If you want to put in place some simple steps to help your organisation comply with GDPR, here are a few guidelines: