Posted on

The GDPR Countdown

Last year, the UK government stirred business owners into a frenzy by announcing that the Data Protection Act 1998 will in May be replaced by the General Data Protection Regulation, in accordance with EU policy. The new regulation will be an update on the Data Protection Act, and it’s been a long time coming. The UK Data Protection Act was written before the internet and cloud computing transformed the way we generate, use and store data – both as users and as business. GDPR attempts to address these issues and put measures in place to protect data within new technologies. But now with just 4 months to go, it’s time to ask yourself if your business is GDR ready. Because if it’s not, you risk a fine of up to  €20 million. To make sure you don’t fall foul of this, we have a few tips to help you become GDPR compliant before the deadline.

 

Appoint A Data Protection Lead

GDPR isn’t just a few new rules – it’s an all encompassing regulatory change, which means it impact every aspect of your business as you know it. But rather than rolling out a whole bunch of changes and expecting your staff to understand, it’s important for you to assign a data protection lead within your business to deal with questions and issues. It will be their job to create a clear strategy that fosters change in your business, be fully trained in GDPR compliance and have the authority to make changes across the board.

 

Train Your Staff

The next logical step for you is to train your staff. While your data protection lead will be at the forefront of ensuring compliance, everyone within the business needs to understand their obligations under the new regulation, and how they need to modify their own work practices to meet them. It’s vital that every employee is confident in their role, and understand what the regulations mean for their daily processes and interactions with customers. Training should also include discussions of exactly what should happen if a data breach does occur, and the importance of notifying the relevant parties within 72 hours.

 

Audit Your Processes

At the moment, your business will have dozens of process in place for how it handles data, and they will all be compliant with the current regulation. But with the changes, you will need to go back and assess every single aspect of data gathering, storage, use and destruction of confidential, personally identifiable data, and work out if anything needs to change. This full process audit will take time, and undoubtedly need multiple changes for your business. So it’s better done sooner rather than later.

 

Get Your Partners In Place

If you’re a small business, you might not be able to handle it all on your own. There are many businesses out there that offer services to aid you in becoming compliant. From cyber security experts who can help you manage data, to secure destruction experts like us.

 

At Hungry Shredder, we help businesses dispose of their confidential data in a simple, secure and GDPR compliant way. Our shredding sacks allow you to collect paperwork, hard drives and other data storage facilities, and have them collected and disposed of securely, with a certificate of destruction provided at the end. In the run up to GDPR, we are helping business owners across the country put policies in place to tackle the final element of GDPR data handling – the destruction. To find out more, just get in touch with our team today.

Posted on

Data Breach? What Do You Do Next?

Did you know that over 2017, 46% of small businesses across the UK reported significant data breaches? For medium sized businesses this rose to 66%, and a staggering 68% of large firms reported similar breaches. This increase in cyber breaches only brings the total value of us to £2.48 million per year. So this raises the question – what is a business supposed to do when they experience a data breach? And with GDPR only implementing more rules around how to handle data breaches, it’s essential that everyone in your business understands what to do in the event of a data breach. To help you out, here are 6 things you need to do.

 

Put A Response Team In Place

As soon as you become aware that there’s been a breach, you need to alert and assemble a response team. If you don’t have one in place, you need to create one. Your response team is essentially a group of people, either internal or external, who have the skills to deal with a breach, fix it and deal with the fallout. This team should have decision making authority, and report to the board on progress regularly. Having an incident response team in place has been proven to be a cost-reducing factor in a huge number of data breaches, large and small, saving on average £12.37 per data record affected.

 

Contain The Problem

When you become aware of it, your second priority should be a containing the problem. Identify the source of the breach as quickly as possible – was it a faulty firewall? Malware? A phishing scam? Or maybe an insider information leak. Once you have identified it, take steps to contain the issue. This could mean isolating a particular area of your network, locating a lost piece of equipment or even just changing the access codes of the front door.

 

Assess The Risks

Now it’s important to determine how sensitive the breached data is, and what the real-time risks are. If it’s a ransomware attack, perhaps the ransomed data is just needed by employees to do their jobs, and there are backup files that can be accessed. Theft of customer data, on the other hand, could lead to identity theft, so you should inform the police if appropriate.

 

Solve The Problem

And obviously, you should ensure you take steps to solve the problem once it’s contained. Again, this depends on what the issue was to begin with, so it will be handled differently every time. Once the breach source has been dealt with, you can take steps to protect your systems from attack in the future.

 

Send Out Notifications

This is the part most businesses don’t want to do, because they are worried it will risk their reputations in the marketplace. But it is a legal requirement for you to notify individuals whose data was, or could have been accessed and affected by the breach, so you’ll have to swallow your pride on this one. Sending out notifications early means your customers have the best chance of protecting their data, so it’s important for them and you to do this swiftly.

 

At Hungry Shredder, we believe that every business should put protecting their customer data at the forefront of their operations. That’s why we provide secure and confidential shredding services to business owners around the country. To learn more about how Hungry Shredder can protect your documents and hard drives, just get in touch with our team today.

Posted on

Get Ready For Christmas – Know How To Recycle Your Devices

It’s November, which means the countdown to Christmas has officially begun in the UK. For the more organised people, it means sorting out Christmas presents before the December rush. Maybe even in the Black Friday sales. And one of the most popular gifts this year is new technology. But there is one thing that all of these shiny new devices, and that’s what you do with the old ones? This year, make sure you know how to recycle your old devices, without putting your data at risk.

 

Use The Retailer

 

This is perhaps one of the simplest methods to use. Due to increasing pressure for corporate responsibility, many technology retailers will offer recycling programmes in house. One of the biggest retailers to have this in place is Apple. Since 2014, they have been running a scheme called Renew and Recycle, where you can bring in (or send in) any old Apple products you have (no matter how old they are), and Apple will either recycle them or refurbish and resell them. If they fall into that last category, you will be given an Apple gift card in return for your items. Many of the bigger tech retailers will offer similar schemes, so all you need to do is ask, and it’s as simple as 1 2 3.

  

Wipe It And Sell It

 

One of the most popular options (maybe because the first one isn’t that well known), particularly for phones and tablets, is to sell them on. This can either be privately, online using platforms like eBay or even to re-sellers like Mazuma Mobile. The thing you need to remember in this one is to wipe all of the data from your devices before you sell them on. For mobiles and tablets, this is as simple as just going into the settings and hitting ‘factory reset’. For things like laptops and computers, this will not only mean formatting the hard drives, but removing and shredding them as well.

 

 

WEEE Schemes

 

Your third option is probably best for your older or broken equipment. You know, the kinds that’s been sat in the back of the cupboard for quite a while, just taking up space. The old, chunky TV’s, the broken desktop computer and the ancient tablet. For these, there is the WEEE scheme. WEEE stands for the Waste Electrical and Electronic Equipment directive. This is the EU directive that instructs people and business owners to recycle and reuse their old, waste IT through dedicated centres. Every local authority will have a WEEE centre or scheme in place, so it’s simply a case of finding your local centre and taking your equipment to them. There are also businesses like Veolia, who handle the process for you. You will want to ensure that you have wiped any data from your devices or remove your hard drives before you do. There is no reward for you in taking this route, but it is a way of removing that equipment form your home or business without risking your data.

 

At Hungry Shredder, we help businesses and individuals dispose of their old, unused hard drives in the most secure way possible. So instead of ending up with a drawer full of old hard drives, you can ensure your data is safe and your drawers are free. By shredding your hard drives, you are ensuring that any residual data on them (because there is always residual data) is well and truly destroyed. For more information about our hard drive shredding services, just get in touch with our experts today.

Posted on

1 Out Of 3 Business Owners Still In The Dark Over GDPR

With only 5 months to go until the implementation of GDPR, new research from the Institute of Directors has revealed that 1 in 3 directors are still in the dark about what the regulation means for them, and what they need to do. In fact, several of them didn’t even know what GDPR was. But GDPR will affect every single element of every single business in the UK – so every business owner needs to understand their obligations. Particularly when it comes to confidential data stored in paper form.

 

Preparation Is Key

 

The key to ensuring you don’t end up on the wrong side of GDPR is preparing your business well in advance. This will mean reviewing your data practices at every level – from the highest level of cyber secured data to the smallest shred of paper with a credit card number scribbled on it while taking payments over the phone. But too many businesses are focussing on the digital side of things, while neglecting other elements of their business that need attention. GDPR will impact not only your IT, but your HR department, legal, marketing, sales, and yes, your paperwork.

 

That’s why Jamie Kerr, Head of External Affairs at the Institute of Directors, said:

 

“It was clear from the outset that this would be a mammoth task for small and large businesses alike, but the scale of the challenge has not necessarily translated into preparedness for the new regulation, despite the huge costs of non-compliance. The Government and the regulator must pull their weight on this issue, as it is set to have a significant impact on businesses across sectors and regions in the UK.

 

“It is crucial everyone understands just how big this regulatory change will be for business leaders over the next few months. GDPR also comes hot on the heels of a number of big regulatory shifts for business over the past few years. We should also not forget the potential of extensive preparations that will be needed as we depart from the EU. Taken altogether, it’s not the easiest time to do business in the UK.”

 

So really, it’s all about understanding how GDPR will impact your business, and actively preparing for it.

 

What’s That Got To Do With Paperwork?

As we mentioned in one of our previous blog, paperwork is one of the main things bosses are forgetting in the run up to GDPR, and yet it’s one of the central principles. Because over 95% of businesses still keep confidential data in paper format. That can be anything from customer credit card numbers to employee national insurance numbers. And with GDPR bringing in stricter rules on what is classified as personal information, and what can be done with it, it’s now more important than ever that business owners get their paperwork in order.

 

While we can’t help you with the in house compliance bit, we can help you handle what happens to your paperwork once it isn’t needed anymore. Rather than risk throwing it in the recycling bin (which would be classified as a breach, as it’s all too easy to steal from) or spend hours hunched over your shredder every few weeks, you can outsource your data destruction instead. Our shredding services simply require you to fill a bag with paper to be destroyed, and then give us a call when it’s full. Our experts will collect it from your offices, securely destroy it for you and even provide a proof of destruction certificate, so you can prove you have met your obligations at every stage. For more information, get in touch with our team today.

 

Posted on

Understanding Your Paperwork Obligations

When it comes to running a business, nothing is ever simple. This goes double for your paperwork. Even though more businesses than ever are aiming for the ‘paperless’ goal, paperwork is still a huge pain point. There are a huge number of processes that need to be followed with paper, and many more industry specific rules. But there are some key regulations that govern how businesses manage paper, and you need to know what they are, and how you can stay compliant.

 

Companies House Filings

 

Of course, as a UK business, you have some basic obligations for paperwork with Companies House. These obligations are mainly around what you need to keep, and for how long. Every UK business is required to keep the following documents for 6 years:

 

  • Accounting records
  • Stock records
  • Details of goods bought and sold, including parties involved (unless you are running a retail business)
  • Financial records (such as receipts, petty cash books, delivery notes, copies of invoices, contracts, sales books)
  • Balance sheets
  • Profit & loss statements
  • Financial forecasts

 

Because these records are highly sensitive, businesses also need to stay on top of destroying these once that 6 year timer runs out. Otherwise, you are leaving your business open to identity theft and fines from Companies House. That’s where your shredding partner comes in – we help you destroy these documents securely and on time.

 

On top of that, you will need to keep a few bits of paperwork indefinitely, like:

 

  • Detailed record of the company
  • Results of any shareholder votes
  • Specifics of any company loans
  • Record of share purchases and sales

 

Data Protection

The Data Protection Act is the final authority in how your business should be handling data. You might think you don’t really handle data in paper form, but we can guarantee that you do. The Data Protection Act defines 2 types of data businesses can hold on people (customers, suppliers, employees and more).

 

  1. Personal Data –

    Data which relates to a living individual who can be identified from the data, or from the data and other information which is in possession of, or likely to come into the possession of the data controller; and it includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

     

 

  1. Sensitive Personal Data –

    Sensitive personal data is defined as personal data consisting of information relating to the data subject with regard to racial or ethnic origin; political opinions; religious beliefs or other beliefs or a similar nature; trade union membership; physical or mental health or condition; sexual life; the commission or alleged commission by the data subject of any offence; or any proceedings for any offence committed or alleged to have been committed by the data subject, the disposal or such proceedings or the sentence of any court in such proceedings.

     

 

That might all seem like a mouthful, but it basically means any data on an individual is covered by the Data Protection Act. So you are under obligation to keep this information secure, accurate and up to date. You must also ensure this data is not kept any longer than it is needed, and destroyed securely (with evidence) when it is no longer needed.

 

GDPR 

Of course, The UK Data Protection Act is living on borrowed time now. In May 2018, this act will be will be replaced by the EU regulation GDPR (which we have talked about before). Luckily, if you are compliant with the Data Protection Act you shouldn’t have too much of a problem getting your paperwork ready for GDPR. The main changes will be the ‘right to be forgotten’ and an intensified focus on privacy. This means you will need to ensure that you can easily find all paper records for individuals in order to destroy them, if requested. This on its own has lots of businesses scrambling to either redefine their filing systems ‘by person’, or to make the switch to paperless working. Either way, you need to be confident you can find everything you need if one of these right to be forgotten requests comes in. The second thing GDPR will affect in your paperwork obligations is privacy. You will need to analyse your processes and ensure that all data is kept secure and private. No one should be able to access documents if they aren’t authorised, and paperwork should all be destroyed properly and securely every time.

 

At Hungry Shredder, we help businesses get (and stay) compliant with their paperwork obligations by providing a secure method for document destruction. Our secure paper and hard drive shredding services ensure that your documentation is destroyed properly, and a full record is given of that destruction. That means you are not only meeting your privacy and destruction obligations, but you can prove it too. To find out more about what we do, get in touch with our team today.

Posted on

Why Your Paperwork Needs To Be GDPR Ready

By now, most business owners have heard about the looming spectre of GDPR. Depending on what industry you’re in, you may have only head the term in hushed voices. Or you might have been hearing about it every day for months and be sick of the subject. But either way, you need to be aware because GDPR affects all businesses in the UK.

 

What Is GDPR?

GDPR stands for ‘General Data Protection Regulation’, and is essentially the EU’s answer to all other data protection laws – including our own Data Protection Act. It came about because the EU noticed that all of its citizens were having their personal data treated differently by different countries because each country had its own rules about how sensitive information should be handled. Some were being protected well, but others were finding their data was being put at risk thanks to lax security laws. So instead, GDPR will apply to all EU countries, standardising and unifying data protection standards. The regulation is mandatory for all EU countries, and also extends to any non-EU business that handles EU citizen data. In short, the EU is dedicated to the protection of their citizen’s personal information. But this does cause some problems for UK businesses.

 

But How Does GDPR Affect My Paperwork?

GDPR is currently in a transitionary phase that allows businesses to get their affairs in order before the official launch date of the 25th May 2018. All UK businesses have until this date to ensure all of their systems are secure and prepared. This will mostly consist of IT systems upgrades, which are easy to test and change. But the same can’t be said for paperwork. Experts have revealed that businesses face their most significant challenges in applying GDPR to paper records. The regulations set out exactly how data should be acquired, used, stored and destroyed – all of which is much more complex in paper. So to help you get ahead, we have a few tips for you:

 

Make Sure You Can Find What you Need –  GDPR includes a wonderful little rule that enshrines the right of individuals to ‘be forgotten’ by businesses. In other words, people will be able to request that a company delete any and all personal data held on them, and the company has to comply. But while it might be easy to search and delete data form a database, it isn’t the case with paper records, which are often scattered around various storage areas in the business. So in order to be compliant, you may need to re-organise your filing system to make finding all data on a single person possible, without causing headaches.

 

Remember That Paper Can lead A Double Life –  Clearly defined processes for managing information from creation to secure destruction may not be enough on their own to comply with GDPR. Paper can slip through the cracks of the strictest information security frameworks, simply by being copied of printed or left lying around. This in itself is enough to constitute a breach of GDPR. We recommend you compliment your document management strategy with regular employee training and communication, to show staff how to merge information securely and support a business wide culture of information responsibility.

 

Build Privacy Into Your Processes – The GDPR is designed to bring privacy to the forefront of the way businesses produce, manage and dispose of information. For physical paperwork, this will be all about data handling processes. Ideally, you should make it difficult (if not impossible) for unauthorised people to access or copy documents. Disposal of documents should be secure and thoroughly documented. So your information storage, retention and destruction processes all need to be reviewed and amended with privacy in mind. This may mean investing in lockable or keypad protected document storage, and hiring an external shredding company to carry out destruction and document that destruction.

 

At Hungry Shredder, we know a lot about paperwork. In preparation for GDPR, we are helping customers to evaluate the security of their documents and how they are destroyed. Not only that, but our secure shredding service provides a simple, easy way for businesses to fulfil their GDPR obligations, without having to lift a finger. And because we provide official certification of document destruction, we are the ideal partner for your GDPR paperwork needs. To find out more, just get in touch with one of the team today.

 

Posted on

Japanese Scandals Lead To Document Shredding Review

There has been a lot going on in the world recently, so you can be forgiven for missing this one; but over the last few months, there have been series of scandals in Japan, all around document destruction. These scandals lead all the way to the prime minister, which is why the Japanese government is now launching a debate on revising how administrative documents should be managed.

 

What’s The Problem?

A series of scandals revolving around the leaking and destruction of essential documents within the Japanese government have been cropping up recently, with the most recent leak and subsequent shredding threatening the Japanese prime minister’s grip on power. In another scandal that led to the resignation of former Defence Minister Tomomi Inada last month, the Defence Ministry said it discarded the daily activity logs from Ground Self-Defence Force engineering unit that was participating in U.N. peacekeeping operations in South Sudan. Another was the Moritomo Gakuen scandal, part of which involved the heavily discounted sale of government land to the Osaka-based nationalist school operator. The Finance Ministry told the Diet that its records on the negotiations with the owner, who had once been supported by Prime Minister Shinzo Abe’s wife but now faces fraud charges, had been destroyed.

 

Unlike in the UK, Japanese rules around document management are not set in legal stone – they are simply guidelines. These guidelines for document management in Japan were first drawn up in 2011, and states that government agencies should sort documents into 4 categories for storage – ranging from 1 to 30 years – according to importance. Documents left out of these categories are kept for less than a year. Government agencies in Japan don’t have to keep records on document creation and destruction, and each agency has its own set of classification under these guidelines.

 

So What’s Next

In light of the scandals, the government debate will be focussed on how much the government can limit the arbitrary discarding of administrating documents that should be kept. In order to tackle the arbitrary document destruction, the government is considering ways to reduce the number of documents that are kept for less than a year. The debate, which will take place in the coming weeks, will study specific requirements for documents to be kept for less than a year, hoping to tweak the guidelines by the end of this year. In light of these scandals, various government employees are calling for a clear line to be drawn between administrative documents and notes – a line which isn’t clear now. Under the public records and archives management law, administrative documents are defined merely as “documents that the staff of administrative agencies create as part of their duties and are used as an organization.”

 

The seriousness of these document scandals is not to be underestimated, and they do a great job of highlighting the need for effective document handling storage and destruction legislation. In the UK, we have various laws that govern how businesses and government organisations can deal with different documents, including how long to store them for and providing proof of adequate destruction. If you would like to learn more about how you should destroy your documents and how we can help you do so, just get in touch with us today.

Posted on

How Paperwork Automation Can Enhance Your Business

In the flood of new predictions and projections for upcoming tech, it has been suggested that 2017/18 is the year that robots and AI will start to become prominent in our day to day lives. In fact, experts believe that automation via software and physical hardware will fully augment the existing workforce, allowing the humans within the organisation to focus on problem finding and solving, instead of more menial tasks. We couldn’t agree more. In fact, in the last year several departments in large companies – from HR to accounts, engineers to couriers – found that automating their paperwork and documentation processes led to them spending 40-50% less time on administrative work, allowing them to focus more on their main tasks. So if your business deals with paperwork in any way, listen up!

 

Streamline Your Business

Paperwork is, without a doubt, one of the most time consuming and sometimes boring jobs that is essential to keep your business running. But it doesn’t have to be. Instead of spending hours wading through paperwork, filing and data entry, you can automate your documentation processes instead. Automation software can remove the need for human involvement in repetitive paperwork tasks like data entry and filing, providing a high rate of accuracy in a fraction of the time. With the heavy lifting and repeatable tasks in the hands of computer software, your staff members are now free to spend their time on tasks which are much more valuable to your business. This approach also holds an extra benefit. Studies in America and Britain have discovered that those businesses that are employing automated reporting systems are reducing their physical paperwork load (great news for the environment and data protection compliance) and producing more efficient, accurate records. When it comes to data you can never be too accurate, and this could be why 98% of businesses are now looking at automated software for the first time.

 

Reduce Risk & Make Compliance Easier 

People make mistakes. We might like to think we are perfect, but the reality is everyone is going to make a mistake or two in their working lives. Invoices can get lost on deliveries, important post can be put into the ‘bin’ pile instead of the ‘client’ pile, and reports can be accidentally deleted from the system. Missing paper, data entry errors or inaccessible data can cause a whole host of problems, especially when the end of year tax returns roll around. Sadly most of these mistakes come from human error during the processing or handling of paperwork, and the results can range from a minor inconvenience to large liabilities in cases of disputed bills or inspections. Removing the human element from your data processing means that errors will disappear. What’s more, you can programme your automation software to your specific company guidelines and policies so you know that all of your paperwork is completely compliant. This is especially useful for accounting and compliance departments who need to adhere to a complex set of rules regarding paperwork.

 

Cost Effective

In today’s busy schedules we often hear the phrase ‘time is money.’ Our most valuable asset is the time we have, and the amount we can do in that time at work defines how efficient we are being. For a lot of employees across all industries, thousands of man hours are piled into administrative tasks. But if those tasks were taken away, those employees would have more time available to focus on helping the business grow and improve. Not only will automating your documentation processes save you hundreds of hours every single month, but the saved time investment from your employees can help your business to grow more quickly. In fact, studies have shown that businesses who use automated software for their paperwork, documentation and marketing processes are growing on average 63% quicker than those who aren’t, with a 10% increase in sales being contributed to their pipeline through a combination of automated software and increased sales time from their teams.

 

Don’t Forget The Shredding

Of course, no matter how hard you try, physical paperwork is still going to come into your business. Clients will send you documents, suppliers will send paper invoices and there will still be some times where you need to generate the paper yourself. As much as we would like it to be achievable, the paperless office is still a far-off myth. That’s why you need a secure shredding solution in place to work alongside your automation solution. At Hungry Shredder, we love working with businesses who have automated their paperwork processes. We not only help them securely destroy the paperwork from the first big clear out that comes with a new automation solution, but we help them stay on top of their document shredding on an ongoing basis, and stay compliant with data protection legislation. For more information, just get in touch with us today.

Posted on

5 Paper Shredding Myths Busted

We talk a lot about paper shredding, particularly the facts around how it’s done and why you should do it. But we realise that there are a lot of myths and misconceptions out there around paper shredding, whether that’s to do with the environment or people piecing together your documents in the dead of night. So today, as a bit of light-hearted relief, we bring you our 5 favourite paper shredding myths and explain exactly why they are myths and not facts.

 

 

  1. No One Will Look Through Your Rubbish

 

Many people think that the idea of some shady character rooting through your rubbish is saved for the movies, but unfortunately, it is inspired by real life. There are many people who routinely go through the rubbish left by a business – some because it is part of their job to handle it and others for nefarious reasons. For example, the cleaning staff whose job it is to empty the bins might be tempted to take private information. Once it’s in the main rubbish bin outside it may be rifled through by just about anyone, from homeless people looking for boxes to journalists looking for an easy data leak story. What’s more, some areas are known to utilise the homeless to collect personal and business information from rubbish bins – paying them to bring sensitive information for use in their identity theft scams. So while it might seem far-fetched, and it might never happen to you – never throw anything away that could cause problems if found by someone else.

 

 

  1. It’s Better To Keep Records For As Long As Possible, Instead Of Shred Them

 

You would be amazed by the number of businesses who hoard every single document until they go out of business despite the fact it’s just not needed. The government has set up guidelines and rules around how long business owners need to keep documentation, which is designed to lower the risk of identity theft as much as it is making the auditor’s job easier. If you leave your business-, employee- and customer-data lying in storage for too long, you are only increasing the probability of identity theft for those people. Even employees who no longer work for the company would be at risk if you kept their documents (like the copy of their passport you took upon employment) after the set time period.

 

 

  1. It’s Cheaper To Use An Office Shredder

 

While on the face of it this might make sense, it is actually much more cost effective for businesses of almost any size to outsource their shredding to a professional instead of doing it in house. You might think ‘but an office shredder only costs £30, how is a profession al service going to be cheaper than that?’, but listen up. It’s not just the cost of the actual shredder you need to consider. The biggest cost of in-house shredding is actually found in staff time. You pay your staff for their time to do a job, and I’m willing to bet that shredding isn’t in that job description. Again – it might not seem like much, but the average office worker will spend over 26 hours a year shredding paperwork in house. Now look at what you pay each staff member for 26 hours of their time and add it all together – it is unlikely to be cost effective. So every time you let your employees shred their own paperwork, you might as well shred some money with it.

 

 

  1. Recycling Is A Perfectly Legal Way To Dispose Of Paperwork

 

For any business owner, this is absolutely, categorically wrong. Under the Data Protection Act (and soon under GDPR as well), businesses have an obligation to ensure documentation is used fairly and lawfully, kept securely while it is used for its specific purpose and kept for no longer than necessary. It then goes on to say that businesses that hold and process sensitive data about any individual or company must take appropriate measures to ensure the safe and secure destruction of that data – and that’s where the crux of this problem is. Firstly recycling isn’t destruction, and secondly, it isn’t secure. So recycling paperwork is completely against the legislation on this one, whereas using a secure shredding service that can provide legal proof of your documents confidential destruction is right on the money.

 

 

  1. Owning A Shredder Shows That I Am Compliant

 

Wrong again. Simply owning a shredder or having one in your office isn’t good enough to prove to the government that you have been using it. We all know not every employee is going to shred, and privacy laws require rigorous proof of all compliance. The only way to ensure you are fully compliant is to maintain a record of shredding that is monitored and certified by a manager. But this is a very time-consuming endeavour, which is why many companies opt for an outsourced shredding company that can provide this documentation as part of the service.

 

At Hungry Shredder, we work with business to help them understand the whole shredding process, and how it will truly benefit your business. Not only is it a more cost effective, secure solution to your document destruction obligations, but it means you can relax in a stress-free environment, knowing that your data protection obligations are completely covered. For more information, or to book your first shredding session today, just get in touch with one of our team.

Posted on

4 Things To Remember Before You Sell Your Old IT Equipment

In an age where technology is evolving so quickly, it can seem like we’re buying new IT equipment every other month, particularly if you’re in a tech driven field. But what do you do with all of your old equipment once you have replaced it? For many businesses, this equipment represents a substantial investment, so it’s understandable that you don’t want to just throw it all away. Instead, many businesses opt to sell their old IT equipment on for second-hand use or recycling. But there are a few steps you need to take first in order to protect your business and your data.

 

 

Do A Manual Data Reset

 

The first thing you need to do is make a full, comprehensive back up of your data. Once you erase all of the data from your machines there is no getting it back, so unless you want to lose it, you need to make sure it’s safe. Only after you have done this can you move onto the next stage – doing a manual wipe of all data on your machine. This will not be a fool proof method of completely deleting everything on the machine (we’ll get to that in a minute), but it will remove all of the surface data, temporary files and other top level information. A complete factory reset is simple to do for laptops, PC’s and tablets but may be more difficult for servers or more complex machinery.

 

 

Remove The Hard Drive

 

As we mentioned in the point above, a factory reset won’t completely remove your data, so your IT isn’t completely safe to sell just yet. Next, you need to remove the hard drive from the machine completely. You need to do this because the hard drive is where your files are stored, and even a factory reset won’t erase these completely. Students at MIT proved this when they subjected 250 second-hand hard drives bought on eBay to some basic forensic recovery software – which was able to recover credit card information, healthcare details, bank accounts and more. If you aren’t sure how to remove your hard drive, you can check out our guide here.

 

 

Shred The Hard Drive

 

Once you have removed the hard drive, you need to decide what to do with it. Outside of the computer, it will basically be a useless hunk of metal – but with your personal and business information stored on it. So instead of throwing it away or leaving it in a cupboard to gather dust, you should take it to a shredding plant. Shredding a hard drive is the only way to ensure that the data on it can never be retrieved (short of investing in a very large and expensive magnet!).

 

 

 

Sell Or Recycle?

 

And finally, you need to decide whether you will sell your equipment or recycle it. Newer machines and equipment that is simply surplus to requirements can be sold on to new users through platforms like eBay and Gumtree, which allows you to recoup some of your investment and provide others with a useable computer. But if the machinery is old, worn out or on its last legs, it may be better served as recycling. In this case, you can either sell it to a recycling plant or have the entire thing shredded. Before shredding the equipment, many components will be harvested for reuse in new machines, and everything else will be shredded and separated into metal and plastic types, shipped off to factories who can use it in new equipment.

 

 

At Hungry Shredder, we believe in recycling and reusing as much as possible. Selling or shredding your old IT equipment is a great way to protect the environment and divert unnecessary waste from landfill sites. For more information on how Hungry Shredder can help you recycle your old IT equipment, get in touch with us today.