Category: Uncategorized

Back on the 25^th May, the European Union saw the first year of it’s General Data Protection Regulation come and go. This regulation has been one of the most vital changes in data privacy in the last ten years; changing the way that every single business handles personal data, among other things.

With the introduction of GDPR, many were confused. The regulation seemed difficult for many to fully understand, especially those who were not well-versed with personal data or the kinds of records that companies were legally able to keep. GDPR enabled the everyday member of the public to have a say in their personal data and refuse to give permission for any company to hold their details.

Understanding What GDPR Is

This subject has been covered time and time again, but for any that are still uncertain, we’d like to take some time to summarise what GDPR is. The regulation is complicated, that’s for sure, but it’s not impossible to understand. GDPR isn’t a complicated IT problem, and for individuals who have regained control of their data, it is the best thing to happen in a long time.

GDPR, or “General Data Protection Regulation”, is a regulation that purely protects and empowers EU citizens and their private data. Any EU citizen has the right to ask a company to delete their private and personal data, and they are legally required to do so.

The goal of GDPR is to ensure that any personal data is not misused – such as for things like cold calling. The regulation protects all EU citizens, even if the company is outside of the EU but holding the data of an EU person.

Businesses Have Struggled To Implement GDPR

Many organisations were not prepared for the new regulation to be put in place and were delayed in putting together the proper procedures to be compliant. There were a number of compliance issues in the early days of GDPR, and even now, not all businesses are fully compliant. A large amount of the organisations that are not compliant are in that state because they believe that the regulation does not apply to them. But it applies to everyone.

Lack Of Compliance Has Not Led To Overpowering Fines

One of the major worries of businesses around the world was that if they were found to not be compliant, they would be hit with a fine so large that they would go under. Small to medium businesses, in particular, seemed concerned. But most investigations have resulted in no such fine, rather, a chance to change.

The People Know Their Rights

GDPR has led to a plethora of people coming to fully understand their privacy and data rights. When you consider that the regulation was put in place to aid the people in their desire for more privacy, GDPR has more than done its job. The individuals of today know more than ever about their data and how that personal data is processed in the business world.

It can be so easy to make a mistake with your documents and their safety. Documents often contain sensitive information that needs to be kept in a secure location, but most office workers forget this fact when they’re working with said documents. You could enter any local office and you’ll be able to spot a few issues straight away.

What Is A Sensitive Document?

A sensitive document can outline any document that contains information about you, your company or another business that your company is communicating with. This includes business partners and your own clientele.

Every office will have these types of documents. They’re an essential part of running a business, but paper copies can become a hassle if they aren’t properly managed. Minimising the risk that comes with keeping visible documents should be a primary concern.

How Your Documents Are At Risk

We don’t think about it while we’re working, but the documents that we use for our company on a day-to-day basis are crucial to our company’s success. They may list anything from personal information of a client to financial details, or even just have your own email and phone number on there (even just your work ones). No matter what information is displayed, we can guarantee that it’s sensitive in some way.

If you have documents lying on worktops or shoved into unlocked desk drawers, then you already have a document security issue. The matter of the fact is, when an employee is done for the night, the last thing they will think about is putting away a file they will need again the next day. Because of this action, which most of your employees will do, sensitive documents are left out for prying eyes to see.

There are, however, many simple and easy ways to keep your documents and your information safe without taking extreme measures. As always, there will be different solutions for different problems, but there is a solution; and that’s what’s important.

Set Up A Storage Policy

If you do decide to stick to the old ways of paper documents, then your company could greatly benefit from having a document management and storage policy. Any documents that are stored on-site should be stored in a secure location in the office, itself. This storage location should be complete with lockable file cabinets or a lockable cupboard. No one person – apart from trusted managers and supervisors – should have the keys for these areas.

That might seem like a lot of work, but surely having an employee spend a couple of moments asking for a key is better than having documents left out on a table for the world to peek at? If not a key, then a coded door would work, as well. It’s much harder to lose a code, and it can be easily changed if you think there’s an issue.

Of course, your other solution is just to go entirely paperless. This will take time, but just think about all of the space you’d free up around the office – and how much more accessible documents would be.

Working remotely is one of the best things about being in a job where you can work from home on days where you’re not needed in the office. Of course, for the business that is enabling the “work from home” method into their practices, things aren’t quite as easy as they seem. A secure remote working policy is needed to ensure that your employees are as safe working at home as they are in the office.

Today’s technology is fantastic, and working from home is extremely popular with employees who spend long hours typing away in their offices. More modern employers are open to reaping the benefits of flexible working patterns and contracts, and are often more than happy to allow their employees a few days a home, as long as they get their duties completed just as well as they usually would.

A strong and secure work from home policy will minimise any risks that could come from having an employee work from home. These risks are quite specific to your own company, so the policy that works for one company may not work for yours. A bit of trial and error is usually needed for any policy, though, so it’s really nothing to worry about.

Risks depend on the data and information that your employee is working with. There are sometimes certain levels of access required to use particular areas of your company system, and it’s really up to you to decide whether or not you are happy to have these areas accessed outside of your company’s office setting. That’s not saying that your employees can’t work from home at all, just that you will need to decide what they can or can’t access remotely.

Many employers choose to give their employees company laptops to use when they’re working from home. These have better protection, more suited to business needs, and can keep your employee safe online while they’re working through the day for you.

You should clearly outline what your employee’s duties are if you’re allowing them to work from home. Working from home doesn’t need to be a huge deal, but there should be a certain amount of work you expect them to complete if they’re going to be away from the office for that day (or for a number of days). It’s unlikely that an employee is going to conduct themselves in the exact same manner at home as they would while in the office, but there’s a certain level of responsibility that still needs to be taken into account.

Furthermore, your employees should be clear on any expectations you have for them during their time at home. This includes how many hours you expect them to work – or, alternatively, a set amount of work they need to complete. Usually, this helps both you and your employee find a balance between working at home and how much they should be paid for that day, as well as what you expect from them.

At Hungry Shredder, we think working form home can be an amazing thing. For many people, working from home means they get more done, are happier within themselves, and perform better at daily tasks. But to do that, businesses need to make sure they are treating confidential data with care, and have policies in place to protect it. If you would like to find out more, then please get in touch with one of our team today, and we’ll be happy to share some advice.

When it comes to running a business, nothing is ever simple. This goes double for your paperwork. Even though more businesses than ever are aiming for the ‘paperless’ goal, paperwork is still a huge pain point. There are a huge number of processes that need to be followed with paper, and many more industry specific rules. But there are some key regulations that govern how businesses manage paper, and you need to know what they are, and how you can stay compliant.

 

Companies House Filings

 

Of course, as a UK business, you have some basic obligations for paperwork with Companies House. These obligations are mainly around what you need to keep, and for how long. Every UK business is required to keep the following documents for 6 years:

 

• Accounting records
• Stock records
• Details of goods bought and sold, including parties involved (unless you are running a retail business)
• Financial records (such as receipts, petty cash books, delivery notes, copies of invoices, contracts, sales books)
• Balance sheets
• Profit & loss statements
• Financial forecasts

 

Because these records are highly sensitive, businesses also need to stay on top of destroying these once that 6 year timer runs out. Otherwise, you are leaving your business open to identity theft and fines from Companies House. That’s where your shredding partner comes in – we help you destroy these documents securely and on time.

 

On top of that, you will need to keep a few bits of paperwork indefinitely, like:

 

• Detailed record of the company
• Results of any shareholder votes
• Specifics of any company loans
• Record of share purchases and sales

 

Data Protection

The Data Protection Act is the final authority in how your business should be handling data. You might think you don’t really handle data in paper form, but we can guarantee that you do. The Data Protection Act defines 2 types of data businesses can hold on people (customers, suppliers, employees and more).

 

1. Personal Data –

   Data which relates to a living individual who can be identified from the data, or from the data and other information which is in possession of, or likely to come into the possession of the data controller; and it includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

    

 

2. Sensitive Personal Data –

   Sensitive personal data is defined as personal data consisting of information relating to the data subject with regard to racial or ethnic origin; political opinions; religious beliefs or other beliefs or a similar nature; trade union membership; physical or mental health or condition; sexual life; the commission or alleged commission by the data subject of any offence; or any proceedings for any offence committed or alleged to have been committed by the data subject, the disposal or such proceedings or the sentence of any court in such proceedings.

    

 

That might all seem like a mouthful, but it basically means any data on an individual is covered by the Data Protection Act. So you are under obligation to keep this information secure, accurate and up to date. You must also ensure this data is not kept any longer than it is needed, and destroyed securely (with evidence) when it is no longer needed.

 

GDPR 

Of course, The UK Data Protection Act is living on borrowed time now. In May 2018, this act will be will be replaced by the EU regulation GDPR (which we have talked about before). Luckily, if you are compliant with the Data Protection Act you shouldn’t have too much of a problem getting your paperwork ready for GDPR. The main changes will be the ‘right to be forgotten’ and an intensified focus on privacy. This means you will need to ensure that you can easily find all paper records for individuals in order to destroy them, if requested. This on its own has lots of businesses scrambling to either redefine their filing systems ‘by person’, or to make the switch to paperless working. Either way, you need to be confident you can find everything you need if one of these right to be forgotten requests comes in. The second thing GDPR will affect in your paperwork obligations is privacy. You will need to analyse your processes and ensure that all data is kept secure and private. No one should be able to access documents if they aren’t authorised, and paperwork should all be destroyed properly and securely every time.

 

At Hungry Shredder, we help businesses get (and stay) compliant with their paperwork obligations by providing a secure method for document destruction. Our secure paper and hard drive shredding services ensure that your documentation is destroyed properly, and a full record is given of that destruction. That means you are not only meeting your privacy and destruction obligations, but you can prove it too. To find out more about what we do, get in touch with our team today.

We talk a lot about paper shredding, particularly the facts around how it’s done and why you should do it. But we realise that there are a lot of myths and misconceptions out there around paper shredding, whether that’s to do with the environment or people piecing together your documents in the dead of night. So today, as a bit of light-hearted relief, we bring you our 5 favourite paper shredding myths and explain exactly why they are myths and not facts.

 

 

1. No One Will Look Through Your Rubbish

 

Many people think that the idea of some shady character rooting through your rubbish is saved for the movies, but unfortunately, it is inspired by real life. There are many people who routinely go through the rubbish left by a business – some because it is part of their job to handle it and others for nefarious reasons. For example, the cleaning staff whose job it is to empty the bins might be tempted to take private information. Once it’s in the main rubbish bin outside it may be rifled through by just about anyone, from homeless people looking for boxes to journalists looking for an easy data leak story. What’s more, some areas are known to utilise the homeless to collect personal and business information from rubbish bins – paying them to bring sensitive information for use in their identity theft scams. So while it might seem far-fetched, and it might never happen to you – never throw anything away that could cause problems if found by someone else.

 

 

2. It’s Better To Keep Records For As Long As Possible, Instead Of Shred Them

 

You would be amazed by the number of businesses who hoard every single document until they go out of business despite the fact it’s just not needed. The government has set up guidelines and rules around how long business owners need to keep documentation, which is designed to lower the risk of identity theft as much as it is making the auditor’s job easier. If you leave your business-, employee- and customer-data lying in storage for too long, you are only increasing the probability of identity theft for those people. Even employees who no longer work for the company would be at risk if you kept their documents (like the copy of their passport you took upon employment) after the set time period.

 

 

3. It’s Cheaper To Use An Office Shredder

 

While on the face of it this might make sense, it is actually much more cost effective for businesses of almost any size to outsource their shredding to a professional instead of doing it in house. You might think ‘but an office shredder only costs £30, how is a profession al service going to be cheaper than that?’, but listen up. It’s not just the cost of the actual shredder you need to consider. The biggest cost of in-house shredding is actually found in staff time. You pay your staff for their time to do a job, and I’m willing to bet that shredding isn’t in that job description. Again – it might not seem like much, but the average office worker will spend over 26 hours a year shredding paperwork in house. Now look at what you pay each staff member for 26 hours of their time and add it all together – it is unlikely to be cost effective. So every time you let your employees shred their own paperwork, you might as well shred some money with it.

 

 

4. Recycling Is A Perfectly Legal Way To Dispose Of Paperwork

 

For any business owner, this is absolutely, categorically wrong. Under the Data Protection Act (and soon under GDPR as well), businesses have an obligation to ensure documentation is used fairly and lawfully, kept securely while it is used for its specific purpose and kept for no longer than necessary. It then goes on to say that businesses that hold and process sensitive data about any individual or company must take appropriate measures to ensure the safe and secure destruction of that data – and that’s where the crux of this problem is. Firstly recycling isn’t destruction, and secondly, it isn’t secure. So recycling paperwork is completely against the legislation on this one, whereas using a secure shredding service that can provide legal proof of your documents confidential destruction is right on the money.

 

 

5. Owning A Shredder Shows That I Am Compliant

 

Wrong again. Simply owning a shredder or having one in your office isn’t good enough to prove to the government that you have been using it. We all know not every employee is going to shred, and privacy laws require rigorous proof of all compliance. The only way to ensure you are fully compliant is to maintain a record of shredding that is monitored and certified by a manager. But this is a very time-consuming endeavour, which is why many companies opt for an outsourced shredding company that can provide this documentation as part of the service.

 

At Hungry Shredder, we work with business to help them understand the whole shredding process, and how it will truly benefit your business. Not only is it a more cost effective, secure solution to your document destruction obligations, but it means you can relax in a stress-free environment, knowing that your data protection obligations are completely covered. For more information, or to book your first shredding session today, just get in touch with one of our team.

Over the past few decades many people have been shouting about the imminent arrival of the paperless office. But even the explosion of new Internet technologies which allow users to share, read and edit documents, we are still clinging to the notion that businesses need paper to function. We believe that the paperless office is a myth, with businesses preferring a paper-light instead of paperless work environment.

 

What Is The Paperless Office?

 

The idea of the paperless office has been around for a long time, with the earliest recorded thoughts on it dating back to the Seventies with information scientist Frederick Lancaster. With the knowledge we have about producing paper and its impact on the environment it’s not surprising that many businesses want to be able to operate a completely paper free office, transferring everything into a digital formats. But in reality SME’s want a paper-light rather than paperless office solution, because print still plays a vital part in business. In fact, a survey from 2014 found that paper usage was on the increase in most firms, with ¾ of all invoices that arrived in PDF form being printed, and almost half of paper documents being scanned being created digitally.

 

The Technology Is Out There

 

One of the common myths of the paperless office is that the technology isn’t ready to support it yet. This is actually far from true. The components of the paperless office are all readily available and are actually fairly inexpensive. You can convert your physical paper into digital documents, and thanks to the creation of new apps and workflow tools you can almost eliminate the need for printing anything new. Almost. In fact, tools like digital signatures and encryptions have the power to revolutionise the way businesses operate on a fundamental level. The problem is, the adoption rate of these technologies is still very low, with trust in an all-digital office still not fully established. When it comes to signing a document, most people are still more comfortable signing a physical piece of paper with a pen than typing their name into a box on a computer. This might sound like a simple fix, but in reality the thing holding the paperless office back isn’t the technology; it’s the people.

 

Setting Up Systems

 

If you are truly dedicated to reducing the paper within your business, the key is to have a system in place. Transforming how you handle active documents across your business, how you store it and how you destroy it is all part of the process. Offer a solution that combines ease of access with the benefits of secure storage and management and you will see dramatic reductions in unnecessary printing. Part of that process is installing a secure storage unit for your ‘inactive’ documents to be stored in to await destruction. This removes the paper from the office creating a cleaner and more productive environment, as well as ensuring your documents are secure. Tackling information as it enters the business and establishing defined channels for how it is handled should be the next part of your process, along with instating firm print guidelines.

 

 

If you are looking into the paper-light office route but don’t know where to start, then you need to bring in a professional. Making the decision to change the way your office is run can be difficult, and it may unearth other issues within your office that you hadn’t even considered. For more information, get in touch with us today for your free consultation.

Over the past few decades many people have been shouting about the imminent arrival of the paperless office. But even the explosion of new Internet technologies which allow users to share, read and edit documents, we are still clinging to the notion that businesses need paper to function. No matter which way you spin it, paperwork is a pain, and its very existence brings about all sorts of problems. Luckily, there are some ways to ditch the paper in your business and keep it out of your way for good.

  

Filing

 

I’ve got to be honest, I think I only know 1 person who genuinely enjoys filing.  This breed of person is very rare, and also tends to take enjoyment from deep-cleaning bathrooms. For the rest of us, filing is one of those tasks we dread, and really wished didn’t exist at all. The good news is in modern times, it’s becoming less necessary to have physical filing cabinets in offices anymore. Even for business who deal with a lot of contracts (which of course need to be signed and kept), these things can now be kept and even created in digital format easily. This doesn’t just mean that you get a corner of your office back, but you lose all of that time wasted looking for files, putting things in the right places and doing the annual data cleanse. Now all of those things can be done with a few mouse clicks at the computer which is much better, isn’t it?

  

Errors

 

People make mistakes. We might like to think we are perfect, but the reality is everyone is going to make a mistake or two in their working lives. Invoices can get lost on deliveries, important post can be put into the ‘bin’ pile instead of the ‘client’ pile, and reports can be accidentally deleted from the system. Missing paper, data entry errors or inaccessible data can cause a whole host of problems, especially when the end of year tax returns roll around. Sadly most of these mistakes come from human error during the processing or handling of paperwork, and the results can range from a minor inconvenience to large abilities in cases of disputed bills or inspections.  Removing the human element from your data processing means that errors will disappear. What’s more you can programme your automation software to your specific company guidelines and policies, so you know that all of your paperwork is completely compliant. This is especially useful for accounting and compliance departments who need to adhere to a complex set of rules regarding paperwork.

 

Data Protection

 

Having a suitable and robust data protection policy in place is critical for any business. A single data breach resulting in the theft of confidential customer data could cost your business dearly in terms of money, security and reputation, not to mention the possibility of criminal charges if the theft was aided by someone inside. Paperwork is still one of the bigger causes of data breach in business, despite what the all of the recent reports of cybercrime news would have you believe. So in order to comply with the Data Protection Act and make sure your business stays safe, you should be regularly shredding used documentation and disposing of it safely.

 

 

Of course – what are you supposed to do with all of the paperwork that is already in your business when you switch to these fancy new digital systems? At first, you will simply have doubled up your paperwork, so you will need to employ the services of a shredding company (like us) to destroy all of it for you, securely. This is a very simple process that simply requires you to click here, and if you want you can even watch the documents be shredded! Moving forward, businesses will always produce paper in some form, whether that’s invoices coming in or board meeting notes. Our monthly shredding plans mean you never have to worry about getting rid of paperwork again – just wait for us to arrive for a monthly pick up. To find out more about our shredding services and how we can cure your paperwork pains, get in touch with us today.

Let’s be honest, shredding can be a pretty dry subject. Heck, when we’re dealing with paper, dampness is generally considered a bad thing! Bad jokes aside, we understand that there’s only so much you want to hear about the mechanics of shredding paper. So this month, we wanted to take a break from the gears of it all, and instead look at some famous scandals that involved the humble shredder.

 

Enron

Let’s start with an oldie but a goodie – the Enron scandal. Now, Enron got into some trouble back in 2001, achieving the title of ‘biggest audit failure’ and eventually ‘biggest bankruptcy reorganisation’ in American history. But as if their financial issues and debts weren’t enough, in 2002 the FBI raided the failed energy giants headquarters after a tip that employees were undertaking in a mass data destruction session. FBI agents found employees at Enron HQ shredding thousands of sensitive documents in a bid to hide evidence, and further investigation revealed they had been doing this for several months already. To give you some idea, the documents they were shredding included details of the off-balance sheet partnerships which Enron set up to conceal the true level of its debts, which stand at anywhere between $30bn and $40bn. Unsurprisingly, this added fuel to the fire and more charges to the list for Enron’s owners, and restraining orders had to be filed to prevent any more shredding taking place.

 

The Iran-Contra Affair

This was another fairly high profile case from The States that involved people desperately trying to shred incriminating documents. The Iran-Contra affair happened during the Reagan administration, when it was discovered that senior administration officials secretly facilitated the sale of arms to Iran (which was subject to an arms embargo at the time). Obviously, not great from any angle. What started as an effort to free 7 American hostages being held in Lebanon spiralled into a nightmare for the 12 senior administration officials who were charged over the ongoing incident. Two of those, Fawn Hall and Johnathan Scott Royster, were responsible for the destruction of the incriminating documents, and were given immunity from prosecution in exchange for their testimony.

 

Metropolitan Police

Let’s end with the most recent one. Earlier this month, an inquiry was started into allegations that the Metropolitan Police have been shredding documentation they weren’t supposed to. This was after a public inquiry into undercover policing was announced in March 2015, and officers have since been accused of destroying documentation that related directly to this active inquiry. It’s a bit of a web of inquiries to be honest! What is clear is that the IPCC stated that the documents should not have been destroyed ‘without express permission.’ In fact, their spokeswoman Sarah Green added that “While the evidence indicates that a large number of documents were shredded over a period of days in May 2014, the difficult task ahead for our investigators is to determine what the documentation was, why it was destroyed, whether electronic copies were kept and who may have ordered its destruction.” At the moment this strange double enquiry is still in its early days, so we don’t really know what will be uncovered yet, besides a pile of shredded paper!

 

At Hungry Shredder, we won’t help you destroy data as part of a scandal, but we will help you keep on top of things so that you don’t end up on the receiving end of a law suit under the Data Protection Act. Our shredding services offer both delivery of sacks and the option of collecting from you, so you don’t have any excuse not to shred that sensitive documentation. For more information, get in touch with us today.