Category: Uncategorized

It’s a new year, which means new goals!

For a lot of businesses we talk to, 2020 is the year of productivity. Of taking a business model that works, but making it work harder. There are lots of ways to make that happen, but one of the most often overlooked ones is investing in a shredding service.

Every business has sensitive information floating around the office. Customer invoices, payroll and other information shouldn’t be common knowledge within the workplace, so companies typically shred these documents. However, placing the shredder in a common area for every employee to use isn’t an efficient way to handle this paper volume in a productive manner – enter shredding services.

Reduced Workplace Clutter

We’ve talked about this before, but a clean desk (and office) leads to productive employees. Some offices could have hallways and rooms filled with boxes of sensitive paperwork, and the clutter makes it difficult to move around the office, challenging to find what you need and almost impossible to focus. There have been many studies showing the mental health and productivity benefits of a clear workplace and office environment, and a shredding service can help you achieve that.

No Inefficient Time Wasting

Businesses without shredding services will usually dedicate one or two employees to document destruction. If the volume is too large for a basic office shredder, they’ll fill containers with paperwork and haul them to a nearby shredding company. This hauling time adds up to significant lost work hours at the business. A mobile document shredding company will improve the company’s productivity by eliminating this paperwork transport time completely.

Focus On Tasks

Shredding might be a necessary task in an office, but it is time consuming, dull and very low skilled work. There is no scenario where paying an employee to sit and feed an office shredder is a good use of time, and it often leads to very inefficient processes. But if you outsource your shredding, your employees can simply place their documents into a secure storage bin, and someone else does all the heavy lifting. This means your employees can focus on their tasks, and not mindless busywork. There are bonus points here too, because effective shredding solutions mean employees only need to search through current and relevant files to find what they need, rather than sifting through old and out of date documents.

No Maintenance

When you use an external shredding service, you get everything that goes with the territory – including use of the heavy duty machinery. And the best part is that you don’t have to maintain it! If you were using an office shredder for all of your shredding, it would inevitably break down with constant use. And because office shredders are small, your employees will usually become the repair technicians just to get it working again so that it can be used. The need for this is completely eliminated with a service, saving you time and money on repair costs and avoiding a major drain on productivity.

At Hungry Shredder, we work with businesses owners who want to be more efficient and productive, making the most of their valuable time. And for most, that isn’t spent shredding! So we do it for them, either with an on-site shredding service, or a full collection service for larger volumes or more specialist shredding needs. If you would like to know more about how we can help with your productivity, just get in touch with the team today.

It’s Christmas, and who doesn’t love a good sing-a-long at Christmas? More importantly, who doesn’t enjoy knowing their sensitive data is secure, with all of that information of yours and your customers protected to the best of your ability? As everyone starts to wind down for the Christmas period, security should be one of the biggest things on your mind – especially if you’re going to be leaving empty offices behind. And since it is the festive season, we’ve put together a selection of 12 Christmas security tips to sing along to, and hopefully keep your business merry and bright.

On The First Day Of Christmas make sure all of your employees are prepared to leave behind a clear desk. We’ve talked about how great clear desk policies are before, but even if you don’t embrace the idea normally, Christmas is the time to do so. A clear desk means no confidential information left to fall into the wrong hands, and everything is secured away.

On The Second Day Of Christmas ask employees to store any electronic devices over the holidays, or during operating hours if you work in a retail industry (or something that means clients will be coming in and out a lot). Exposed devices like laptops and mobile phones can lead to a data breach and a lot of damage to your business.

On The Third Day Of Christmas remind any staff who will be working from home over the festive period how they should be disposing of office-related documents. While the recycling bin might be perfect for your unwanted wrapping paper, it’s not right for sensitive information, especially if it’s somewhere visible to everyone.

On The Fourth Day Of Christmas make sure staff are aware of any contractors you have hired over the Christmas period, ad who will be in the office when. Include a reminder to always check ID and make sure no official documents are left out in plain sight.

On The Fifth Day Of Christmas make a log of all electronic equipment or USBs leaving the office over the Christmas period, including where they are going with who, and what data they have access too. Remember to log them back in on your return. It’s important to keep track of where all storage devices are to help protect your business from a data breach.

On The Sixth Day Of Christmas try to limit the type of documents that employees can remove from your office. After all, there is no way to ensure the data is secure when it’s outside of your company’s control.

On The Seventh Day Of Christmas be sure electronic devices such as tablets and laptops which employees might be working on from home are encrypted and password protected, to safeguard any confidential information stored on them.

On The Eighth Day Of Christmas remind employees to destroy all paper copies of invoices and financial documents that are no longer needed. In the frantic rush to get everything paid before the end of the year, it’s easy to miss something.

On The Ninth Day Of Christmas you might have paid out your employee’s Christmas bonuses, but remember that payslips and all other employee information should be destroyed securely, or at least stored safely away from prying eyes.

On The Tenth Day Of Christmas adopt a new mantra: ‘new year, new start’. Revisit your security protocols and processes around data security, and if you have time conduct a full information security audit. You don’t have to act on anything you find now, but it gives you a good starting point for the new year.

On The Eleventh Day Of Christmas start thinking about those New Year’s Resolutions. Need to keep your paperwork under control?  Consider employing a shredding service to help your business become more efficient, secure and reduce the risk of an information security breach.

On The Twelfth Day Of Christmas make sure you have a process in place for the inevitable ‘new year’ clear out your employees will do. Ensure all documentation is destroyed properly, and not just thrown in the bin. If you can, hire a secure document bin to place everything into, ready to send to the shredder.

But above all, relax and enjoy your Christmas! For more tips on data security, shredding or employee productivity, just head to our blog page.

Shredding is a fairly standard thing by now. Even if you don’t do it yourself, pretty much everyone knows what the shredding process is and why it’s done – particularly in a business setting. It’s a standard part of security and compliance, and help to make sure your sensitive data is always protected, It also makes it easy to dispose of your sensitive documents without taking scissors to them. But do you know what happens to your records once they have been shredded?

After Shredding

Once you give your documents over to a shredding professional (lime us), they are processed. This means they are mixed in with other documents (for added security) and put through an industrial shredder. These are much bigger and more efficient than your standard office shredder, and the result is small confetti like pieces of paper in a variety of shapes, depending on the type of shredder used. These pieces are so small that no information from the records can be read, and there is no hope of piecing it back together. This confetti like paper is then bundled up and taken to a recycling centre so that it can be put to a new use.

When the paper arrives at the recycling centre they are chemically treated. This means they will be washed with chemicals and treated water to remove the print and start the process of breaking down the paper. The mulch will then be cleansed of any impurities that might be in it by pressing it against a screen. Then, before the old paper is bonded and dried, any last bits of ink that might be clinging to the paper are washed away in a final rinse cycle. The last step is to convert the shredded paper (now resembling pulp) into new products, usually done by passing it through a series of pressure presses and rollers.

The Benefits Of Recycling

Of course, paper is one of the most recyclable materials on the planet, with a single piece of paper able to be recycled and reused at least 7 times. This means there are some considerable benefits to recycling used paper, including:

• It takes only a couple of hours to turn obsolete paper waste into something new that can be used by consumers or businesses, without using any new materials

• Some of the products that can be created with recycled paper include paper towels, writing paper and toilet rolls

• You’ll see a significant reduction in your businesses’ carbon footprint, as waste paper that’s been recycled won’t end up in landfill

• Improved social responsibility. By investing in a more streamlined disposal process that minimises the impact your business operations have on the natural world

Why Invest In Professional Shredding?

Simply put, using a professional shredding company is the only way you can ensure your old paper waste is properly recycled. By shredding inhouse and simply putting it all in a recycling bin, you can’t guarantee that your paper will actually be recycled and reused in a new batch of products. But if the environmental angle isn’t quite enough to convince you, then there is also the fact that professional shredding:

• Protects your business information from competitors

• Ensures your customer and employee data is safely destroyed

• Meets all standards set out by GPDR and other data protection laws, keeping you in the clear

• Improves social responsibility, as shredding is a much more environmentally friendly option, with an end result of recycling 99.9% of the time

• Helps you dispose of bulk paperwork in a simple, efficient manner

• Saves employee time – no more hours spent bent over the office shredder

In short, the most efficient way for your business to deal with obsolete documents or records is to use a professional shredding service. Not only does this ensure certain data protection standards are met (and you can prove it), but it significantly improves the green credentials at the same time. If you would like to know more, just get in touch with us today.

These days, anyone can sell just about anything on the internet. The deep web, the dark web, the black market; whatever name you’ve heard for it, in the recesses of the internet, it exists. It’s not a safe place to be, what with the lurking hackers and strange mystery items being sold and shipped across the world, but it plays a huge part in the market for medical records.

Healthcare facilities are often targeted because of the sheer number of patient files that can be harvested from their servers. Each patient has a paper file, of course, but in this digital age, many facilities are choosing to keep data on their computers for ease of access. This is where the issue lies. Healthcare facilities are chosen as targets for hackers so that this data can be collected and sold.

There are many reasons that someone would buy medical data. Hackers can sell several files for a lot of profit because they contain so much personal data. Think about it. Your medical file would have your name, date of birth, your address, and even a list of your medical conditions. If you’re on a repeat prescription, a hacker could easily find out what GP you’re with, which pharmacy you use, and collect your prescription while acting as you. Remember the last time you collected a pre-ordered prescription? They probably asked you to confirm your name and address. Data that your medical file would list.

As well as drug and substance abuse issues, the hacker would have also listed your address and all of your other personal details. Individuals who don’t visit their GP very often won’t realise that their data has been misused or stolen. There have been cases where healthcare users discover that their file has been stolen a long time after it happens. Unlike things like debit or credit card theft, there is no sure-fire way to report theft of medical data.

It’s not thought to be a common occurrence, and many don’t realise it happens until it’s too late. Ransomware is one major way that these hackers gain access to healthcare data. In the two years between 2014 and 2016, almost half of the data breaches in the UK were aimed at healthcare organisations.

What this means is that the healthcare industry was targeted more than any other industry. Medical records provide data thieves with more data to sell off to the highest bidder, and it’s safer to sell off too; because the likelihood of it being reported is much lower than financial data theft.

Medical records, depending on the information available, can be sold for anywhere between £15 and £1500 each. Just from the consequences alone, you can see exactly why this type of information needs to be protected better than it currently is. There are many methods that can be used to prevent the theft of medical information, and it starts by ensuring that the industry is aware of the problem.

Back on the 25^th May, the European Union saw the first year of it’s General Data Protection Regulation come and go. This regulation has been one of the most vital changes in data privacy in the last ten years; changing the way that every single business handles personal data, among other things.

With the introduction of GDPR, many were confused. The regulation seemed difficult for many to fully understand, especially those who were not well-versed with personal data or the kinds of records that companies were legally able to keep. GDPR enabled the everyday member of the public to have a say in their personal data and refuse to give permission for any company to hold their details.

Understanding What GDPR Is

This subject has been covered time and time again, but for any that are still uncertain, we’d like to take some time to summarise what GDPR is. The regulation is complicated, that’s for sure, but it’s not impossible to understand. GDPR isn’t a complicated IT problem, and for individuals who have regained control of their data, it is the best thing to happen in a long time.

GDPR, or “General Data Protection Regulation”, is a regulation that purely protects and empowers EU citizens and their private data. Any EU citizen has the right to ask a company to delete their private and personal data, and they are legally required to do so.

The goal of GDPR is to ensure that any personal data is not misused – such as for things like cold calling. The regulation protects all EU citizens, even if the company is outside of the EU but holding the data of an EU person.

Businesses Have Struggled To Implement GDPR

Many organisations were not prepared for the new regulation to be put in place and were delayed in putting together the proper procedures to be compliant. There were a number of compliance issues in the early days of GDPR, and even now, not all businesses are fully compliant. A large amount of the organisations that are not compliant are in that state because they believe that the regulation does not apply to them. But it applies to everyone.

Lack Of Compliance Has Not Led To Overpowering Fines

One of the major worries of businesses around the world was that if they were found to not be compliant, they would be hit with a fine so large that they would go under. Small to medium businesses, in particular, seemed concerned. But most investigations have resulted in no such fine, rather, a chance to change.

The People Know Their Rights

GDPR has led to a plethora of people coming to fully understand their privacy and data rights. When you consider that the regulation was put in place to aid the people in their desire for more privacy, GDPR has more than done its job. The individuals of today know more than ever about their data and how that personal data is processed in the business world.

It can be so easy to make a mistake with your documents and their safety. Documents often contain sensitive information that needs to be kept in a secure location, but most office workers forget this fact when they’re working with said documents. You could enter any local office and you’ll be able to spot a few issues straight away.

What Is A Sensitive Document?

A sensitive document can outline any document that contains information about you, your company or another business that your company is communicating with. This includes business partners and your own clientele.

Every office will have these types of documents. They’re an essential part of running a business, but paper copies can become a hassle if they aren’t properly managed. Minimising the risk that comes with keeping visible documents should be a primary concern.

How Your Documents Are At Risk

We don’t think about it while we’re working, but the documents that we use for our company on a day-to-day basis are crucial to our company’s success. They may list anything from personal information of a client to financial details, or even just have your own email and phone number on there (even just your work ones). No matter what information is displayed, we can guarantee that it’s sensitive in some way.

If you have documents lying on worktops or shoved into unlocked desk drawers, then you already have a document security issue. The matter of the fact is, when an employee is done for the night, the last thing they will think about is putting away a file they will need again the next day. Because of this action, which most of your employees will do, sensitive documents are left out for prying eyes to see.

There are, however, many simple and easy ways to keep your documents and your information safe without taking extreme measures. As always, there will be different solutions for different problems, but there is a solution; and that’s what’s important.

Set Up A Storage Policy

If you do decide to stick to the old ways of paper documents, then your company could greatly benefit from having a document management and storage policy. Any documents that are stored on-site should be stored in a secure location in the office, itself. This storage location should be complete with lockable file cabinets or a lockable cupboard. No one person – apart from trusted managers and supervisors – should have the keys for these areas.

That might seem like a lot of work, but surely having an employee spend a couple of moments asking for a key is better than having documents left out on a table for the world to peek at? If not a key, then a coded door would work, as well. It’s much harder to lose a code, and it can be easily changed if you think there’s an issue.

Of course, your other solution is just to go entirely paperless. This will take time, but just think about all of the space you’d free up around the office – and how much more accessible documents would be.

Working remotely is one of the best things about being in a job where you can work from home on days where you’re not needed in the office. Of course, for the business that is enabling the “work from home” method into their practices, things aren’t quite as easy as they seem. A secure remote working policy is needed to ensure that your employees are as safe working at home as they are in the office.

Today’s technology is fantastic, and working from home is extremely popular with employees who spend long hours typing away in their offices. More modern employers are open to reaping the benefits of flexible working patterns and contracts, and are often more than happy to allow their employees a few days a home, as long as they get their duties completed just as well as they usually would.

A strong and secure work from home policy will minimise any risks that could come from having an employee work from home. These risks are quite specific to your own company, so the policy that works for one company may not work for yours. A bit of trial and error is usually needed for any policy, though, so it’s really nothing to worry about.

Risks depend on the data and information that your employee is working with. There are sometimes certain levels of access required to use particular areas of your company system, and it’s really up to you to decide whether or not you are happy to have these areas accessed outside of your company’s office setting. That’s not saying that your employees can’t work from home at all, just that you will need to decide what they can or can’t access remotely.

Many employers choose to give their employees company laptops to use when they’re working from home. These have better protection, more suited to business needs, and can keep your employee safe online while they’re working through the day for you.

You should clearly outline what your employee’s duties are if you’re allowing them to work from home. Working from home doesn’t need to be a huge deal, but there should be a certain amount of work you expect them to complete if they’re going to be away from the office for that day (or for a number of days). It’s unlikely that an employee is going to conduct themselves in the exact same manner at home as they would while in the office, but there’s a certain level of responsibility that still needs to be taken into account.

Furthermore, your employees should be clear on any expectations you have for them during their time at home. This includes how many hours you expect them to work – or, alternatively, a set amount of work they need to complete. Usually, this helps both you and your employee find a balance between working at home and how much they should be paid for that day, as well as what you expect from them.

At Hungry Shredder, we think working form home can be an amazing thing. For many people, working from home means they get more done, are happier within themselves, and perform better at daily tasks. But to do that, businesses need to make sure they are treating confidential data with care, and have policies in place to protect it. If you would like to find out more, then please get in touch with one of our team today, and we’ll be happy to share some advice.

When it comes to running a business, nothing is ever simple. This goes double for your paperwork. Even though more businesses than ever are aiming for the ‘paperless’ goal, paperwork is still a huge pain point. There are a huge number of processes that need to be followed with paper, and many more industry specific rules. But there are some key regulations that govern how businesses manage paper, and you need to know what they are, and how you can stay compliant.

 

Companies House Filings

 

Of course, as a UK business, you have some basic obligations for paperwork with Companies House. These obligations are mainly around what you need to keep, and for how long. Every UK business is required to keep the following documents for 6 years:

 

• Accounting records
• Stock records
• Details of goods bought and sold, including parties involved (unless you are running a retail business)
• Financial records (such as receipts, petty cash books, delivery notes, copies of invoices, contracts, sales books)
• Balance sheets
• Profit & loss statements
• Financial forecasts

 

Because these records are highly sensitive, businesses also need to stay on top of destroying these once that 6 year timer runs out. Otherwise, you are leaving your business open to identity theft and fines from Companies House. That’s where your shredding partner comes in – we help you destroy these documents securely and on time.

 

On top of that, you will need to keep a few bits of paperwork indefinitely, like:

 

• Detailed record of the company
• Results of any shareholder votes
• Specifics of any company loans
• Record of share purchases and sales

 

Data Protection

The Data Protection Act is the final authority in how your business should be handling data. You might think you don’t really handle data in paper form, but we can guarantee that you do. The Data Protection Act defines 2 types of data businesses can hold on people (customers, suppliers, employees and more).

 

1. Personal Data –

   Data which relates to a living individual who can be identified from the data, or from the data and other information which is in possession of, or likely to come into the possession of the data controller; and it includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

    

 

2. Sensitive Personal Data –

   Sensitive personal data is defined as personal data consisting of information relating to the data subject with regard to racial or ethnic origin; political opinions; religious beliefs or other beliefs or a similar nature; trade union membership; physical or mental health or condition; sexual life; the commission or alleged commission by the data subject of any offence; or any proceedings for any offence committed or alleged to have been committed by the data subject, the disposal or such proceedings or the sentence of any court in such proceedings.

    

 

That might all seem like a mouthful, but it basically means any data on an individual is covered by the Data Protection Act. So you are under obligation to keep this information secure, accurate and up to date. You must also ensure this data is not kept any longer than it is needed, and destroyed securely (with evidence) when it is no longer needed.

 

GDPR 

Of course, The UK Data Protection Act is living on borrowed time now. In May 2018, this act will be will be replaced by the EU regulation GDPR (which we have talked about before). Luckily, if you are compliant with the Data Protection Act you shouldn’t have too much of a problem getting your paperwork ready for GDPR. The main changes will be the ‘right to be forgotten’ and an intensified focus on privacy. This means you will need to ensure that you can easily find all paper records for individuals in order to destroy them, if requested. This on its own has lots of businesses scrambling to either redefine their filing systems ‘by person’, or to make the switch to paperless working. Either way, you need to be confident you can find everything you need if one of these right to be forgotten requests comes in. The second thing GDPR will affect in your paperwork obligations is privacy. You will need to analyse your processes and ensure that all data is kept secure and private. No one should be able to access documents if they aren’t authorised, and paperwork should all be destroyed properly and securely every time.

 

At Hungry Shredder, we help businesses get (and stay) compliant with their paperwork obligations by providing a secure method for document destruction. Our secure paper and hard drive shredding services ensure that your documentation is destroyed properly, and a full record is given of that destruction. That means you are not only meeting your privacy and destruction obligations, but you can prove it too. To find out more about what we do, get in touch with our team today.