It’s been nearly 2 years since GPDR came into full force, and we’re now at a stage where most businesses are fully aware of what the legislation means for them, and how to enforce it. However, there are still concerns around how many of those businesses are actually compliant with the regulation, or have put the right policies in place to protect the business and their data to the right level. When GDPR first came into practice, there were a lot of questions around whether companies were really ready for everything it entails – particularly when it came to more ‘back end’ issues around data management – particularly when it comes to the physical paperwork.

The Big Question

The big thing many businesses miss in this legislation is that it doesn’t just apply to digital data. While that certainly is a focus of GDPR, the rules apply to data in any form – including physical paperwork. Physical paper is just as much – if not more of a risk point for many businesses than digital data. Yet when asked what kind of support they had sought and received for this area of business, 44% of businesses cited issues solely around digital data and encryption – and nothing for physical paperwork.

Just like with digital data, businesses should be making sure they have a set of strict internal procedures in place to deal with the protection of paper records of all kinds. Many of the issues faced by businesses, including inadequate long-term storage solutions for paper documents (like archives wit unrestricted access) are a key point of vulnerability that is often overlooked. Other areas of risk include documents containing personal information left on printers, out on desks or even in bins during the day and overnight. All of these things mean you could be in breach of GDPR without even realising it.

Creating A Secure Paper Trail

So, how can businesses address this? By creating a secure audit trail for their paperwork, and reassessing how they protect their business from security risks around both physical and digital data. After all, businesses who are investigated by the ICO and found not to be actively protecting their physical paper records are likely to get a much harsher treatment than those who have made their best effort. This means having processes in place, and making sure your workforce are aware of the risks, have received appropriate training and have access to the right tools.

One of the ways you can do this is by providing a set of lockable consoles specifically for paperwork. Using one for documents currently required means you can encourage a ‘clean desk’ at night policy to prevent theft, while using another to store documents that are no longer useable and are simply waiting to be destroyed means you can ensure their security too. By working with a secure shredding partner, you can get access to these consoles, as well as have them regularly emptied and the document securely destroyed, meeting your obligations under GDPR.

Nearly 2 years on, it’s amazing just how many businesses are still not completely prepared for GDPR, or ready for an inspection, with physical paperwork being one of the biggest holes in their preparations. At Hungry Shredder, we work closely with businesses to help them meet their GDPR obligations by providing a secure and auditable shredding service. Our team can help you put systems in place to protect your data and keep you on the right side of the ICO, with fully traceable and auditable trails and proof of destruction every time. To find out more just get in touch with us today.

In such a hectic modern world, businesses are always looking to find that perfect recipe for ultimate productivity. How to get the most work out of an employee in the time they are there, in the most efficient way possible, without causing burnout or reducing the quality of the work at the end. There are, in fact, entire companies have been created dedicated just to this task, and they have come up with all sorts of interesting solutions. But here’s one you might not have thought of yet – ditch the paper that’s still floating around your business.

It’s A Distraction

Distractions are, generally, pretty bad for a workplace. It takes the human brain around 23 minutes and 15 seconds to get back on task and refocus after each distraction, which can be bad news in some offices. Paperwork sitting on desks can be a distraction in itself, reminding employees of other things they have to do still. Paper getting lost or misplaced can add to the length of time no real work is going on (while employees struggle to find it), and colleagues coming around to get things signed or to ask questions about a document can happen multiple times a day. Plus, having a messy workspace can have a pretty big impact on employee productivity in itself, since clutter stimulates the stress hormones in your brain and draws your focus away. Since paper if one of the biggest sources of clutter, it makes sense to get rid of it.

It’s Not Secure

Paper is, at its heart, not secure. It can be dropped, lost, misplaced or stolen all too easily. It’s also very easy to just pick up and read, and then replace, leaving you none the wiser about who has had access to confidential data. This is made worse by the fact that paperwork tends to just get left on desks, out in the open for anyone to see. And when it’s finished with? The most common destinations are an office bin or, if you’re lucky, a recycling bin outside. Both of which are easy for criminals to access and steal documents from. So if you care about the security of your business data, client data and your adherence to GDPR, paper should be the first to go.

It Creates Disparate Systems

As a business grows, more and more systems get added to allow that growth. At a certain size, there needs to be a way to control the flow of documents in, out and around the business. The problem is, most businesses will put two systems in place, one for digital documentation and one for physical. This means that every process that deals with documents is then duplicated across the two mediums. This is not only confusing, but highly inefficient, and leaves your employees spending much more time than they need to searching for and processing documents in multiple disparate systems. The key to productivity is to have all of your information in one place, minimizing wasted time.

Destroying It Takes Up Valuable Time

The final problem with paper is that once its purpose has been fulfilled, it has to be physically destroyed. It’s not like a digital file, which can be deleted in a single mouse click that takes a fraction of a second. Instead, paper has to be shredded, and the shredded remains disposed of properly in order to comply with GPDR regulations. And sure, you could store it up and make it your ‘Friday afternoon’ task to shred everything for that week, but that still means an employee has to sit there for an hour (or an afternoon, or a full day) feeding paper through a shredder. Which might be the least productive use of their time possible, and a huge waste of your money on their wages.

At Hungry Shredder, we specialise in providing businesses with an easy way to deal with their paper. While we encourage businesses to go paperless where they can, we are aware that the business world is a little far off that still, and in reality there will always be little bits of paper we just can’t get rid of. But we can help you improve employee productivity by taking that burden away from you, shredding and disposing of your paperwork on-site and freeing up your staff to work on more important things. To find out more, just get in touch with us today.

Most of us like to think we’re very careful with our personal data. A lot of us now have a small personal shredder at home, so that we can get rid of our bank statements and bills properly. Or even better, we do everything online to avoid the paper trail altogether. For the most part, this is a great start to keeping your data safe – but there is still room for improvement. But there are some things we all forget about, and that could be leaving us open to identity theft and fraud. So today, we bring you 5 documents that you might not be shredding, but that you probably should.

Boarding Passes

If you travel a lot, odds are you probably have a drawer full of leftovers from your trips. Currency rattling around that you might use again, business cards, souvenirs and all of those travel toiletries and eye masks you get on planes. And maybe even your boarding passes, which often get shoved in a  drawer when you go to put your passport away when you’re home. But when you eventually have a clear out, you will probably also end up throwing them in a bin bag, rather than shredding them. This is a bad idea, since criminals who get hold of boarding passes (even used ones) can scan the information hidden behind the barcodes, and unearth all sorts of personal information about you.

Medical Records

It goes without saying that you probably don’t want many people to see your medical records. They are very personal, very private documents, and often reveal things about you that could be either used against you, or used to gain more information. But apart from the purely privacy-based issue, medical records of all shapes and sizes – from pregnancy notes to a simple prescription – can reveal all sorts of intimate details about you. From basics like your name and address, to insurance information which could be used to commit fraud. In fact, we’ve talked about why data thieves like medical records before, in this blog.

Receipts

Every couple of months we all get to the point where we are sick of all the receipts clogging up our wallets and decide to have a clear out. But be honest, how many of us just throw them in the bin? While it might be easier, it’s also incredibly dangerous. If you look at a receipt, you can see all of the transactional data on them, and just how much sensitive information that gives access to. At best, if a criminal got hold of this they could use it to commit fraud against the business you purchased from (with fraudulent returns etc), and at worst they could use it to access your personal bank accounts and steal your money.

Bills

Bills are a pain, but they are a part of life. But while your bills are just bills to you – just bits of paper, to data thieves they are an absolute goldmine. With a bill in hand, someone else can take out credit in your name, divert products or services to themselves (while leaving you to pay or it), or even open accounts and access yours, without you even knowing. So once you have paid them, make sure you shred them.

Junk Mail

Junk mail is the scourge of the world, and almost no one actually reads it. 9 times out of 10 it goes straight from the doormat into the bin. But while this might be satisfying for you, it’s not at all safe. Generic junk mail, or better yet personalised junk mail is attractive to criminals – particularly those offering credit card deals. If they get hold of your personalised junk mail, they can respond and, say, open a credit card in your name using this ‘pre-approved offer’, and you would never know.

At Hungry Shredder, we are specialists in destroying sensitive data, whether it be on paper or a hard drive. Our courier collection and drop-off services make it quick and easy for you to dispose of your confidential data safely, and our certificate of destruction service provides proof that your information is completely destroyed. For more information, or to order your shredding sacks, get in touch with us today.

It’s a new year, which means new goals!

For a lot of businesses we talk to, 2020 is the year of productivity. Of taking a business model that works, but making it work harder. There are lots of ways to make that happen, but one of the most often overlooked ones is investing in a shredding service.

Every business has sensitive information floating around the office. Customer invoices, payroll and other information shouldn’t be common knowledge within the workplace, so companies typically shred these documents. However, placing the shredder in a common area for every employee to use isn’t an efficient way to handle this paper volume in a productive manner – enter shredding services.

Reduced Workplace Clutter

We’ve talked about this before, but a clean desk (and office) leads to productive employees. Some offices could have hallways and rooms filled with boxes of sensitive paperwork, and the clutter makes it difficult to move around the office, challenging to find what you need and almost impossible to focus. There have been many studies showing the mental health and productivity benefits of a clear workplace and office environment, and a shredding service can help you achieve that.

No Inefficient Time Wasting

Businesses without shredding services will usually dedicate one or two employees to document destruction. If the volume is too large for a basic office shredder, they’ll fill containers with paperwork and haul them to a nearby shredding company. This hauling time adds up to significant lost work hours at the business. A mobile document shredding company will improve the company’s productivity by eliminating this paperwork transport time completely.

Focus On Tasks

Shredding might be a necessary task in an office, but it is time consuming, dull and very low skilled work. There is no scenario where paying an employee to sit and feed an office shredder is a good use of time, and it often leads to very inefficient processes. But if you outsource your shredding, your employees can simply place their documents into a secure storage bin, and someone else does all the heavy lifting. This means your employees can focus on their tasks, and not mindless busywork. There are bonus points here too, because effective shredding solutions mean employees only need to search through current and relevant files to find what they need, rather than sifting through old and out of date documents.

No Maintenance

When you use an external shredding service, you get everything that goes with the territory – including use of the heavy duty machinery. And the best part is that you don’t have to maintain it! If you were using an office shredder for all of your shredding, it would inevitably break down with constant use. And because office shredders are small, your employees will usually become the repair technicians just to get it working again so that it can be used. The need for this is completely eliminated with a service, saving you time and money on repair costs and avoiding a major drain on productivity.

At Hungry Shredder, we work with businesses owners who want to be more efficient and productive, making the most of their valuable time. And for most, that isn’t spent shredding! So we do it for them, either with an on-site shredding service, or a full collection service for larger volumes or more specialist shredding needs. If you would like to know more about how we can help with your productivity, just get in touch with the team today.

It’s Christmas, and who doesn’t love a good sing-a-long at Christmas? More importantly, who doesn’t enjoy knowing their sensitive data is secure, with all of that information of yours and your customers protected to the best of your ability? As everyone starts to wind down for the Christmas period, security should be one of the biggest things on your mind – especially if you’re going to be leaving empty offices behind. And since it is the festive season, we’ve put together a selection of 12 Christmas security tips to sing along to, and hopefully keep your business merry and bright.

On The First Day Of Christmas make sure all of your employees are prepared to leave behind a clear desk. We’ve talked about how great clear desk policies are before, but even if you don’t embrace the idea normally, Christmas is the time to do so. A clear desk means no confidential information left to fall into the wrong hands, and everything is secured away.

On The Second Day Of Christmas ask employees to store any electronic devices over the holidays, or during operating hours if you work in a retail industry (or something that means clients will be coming in and out a lot). Exposed devices like laptops and mobile phones can lead to a data breach and a lot of damage to your business.

On The Third Day Of Christmas remind any staff who will be working from home over the festive period how they should be disposing of office-related documents. While the recycling bin might be perfect for your unwanted wrapping paper, it’s not right for sensitive information, especially if it’s somewhere visible to everyone.

On The Fourth Day Of Christmas make sure staff are aware of any contractors you have hired over the Christmas period, ad who will be in the office when. Include a reminder to always check ID and make sure no official documents are left out in plain sight.

On The Fifth Day Of Christmas make a log of all electronic equipment or USBs leaving the office over the Christmas period, including where they are going with who, and what data they have access too. Remember to log them back in on your return. It’s important to keep track of where all storage devices are to help protect your business from a data breach.

On The Sixth Day Of Christmas try to limit the type of documents that employees can remove from your office. After all, there is no way to ensure the data is secure when it’s outside of your company’s control.

On The Seventh Day Of Christmas be sure electronic devices such as tablets and laptops which employees might be working on from home are encrypted and password protected, to safeguard any confidential information stored on them.

On The Eighth Day Of Christmas remind employees to destroy all paper copies of invoices and financial documents that are no longer needed. In the frantic rush to get everything paid before the end of the year, it’s easy to miss something.

On The Ninth Day Of Christmas you might have paid out your employee’s Christmas bonuses, but remember that payslips and all other employee information should be destroyed securely, or at least stored safely away from prying eyes.

On The Tenth Day Of Christmas adopt a new mantra: ‘new year, new start’. Revisit your security protocols and processes around data security, and if you have time conduct a full information security audit. You don’t have to act on anything you find now, but it gives you a good starting point for the new year.

On The Eleventh Day Of Christmas start thinking about those New Year’s Resolutions. Need to keep your paperwork under control?  Consider employing a shredding service to help your business become more efficient, secure and reduce the risk of an information security breach.

On The Twelfth Day Of Christmas make sure you have a process in place for the inevitable ‘new year’ clear out your employees will do. Ensure all documentation is destroyed properly, and not just thrown in the bin. If you can, hire a secure document bin to place everything into, ready to send to the shredder.

But above all, relax and enjoy your Christmas! For more tips on data security, shredding or employee productivity, just head to our blog page.

Shredding is a fairly standard thing by now. Even if you don’t do it yourself, pretty much everyone knows what the shredding process is and why it’s done – particularly in a business setting. It’s a standard part of security and compliance, and help to make sure your sensitive data is always protected, It also makes it easy to dispose of your sensitive documents without taking scissors to them. But do you know what happens to your records once they have been shredded?

After Shredding

Once you give your documents over to a shredding professional (lime us), they are processed. This means they are mixed in with other documents (for added security) and put through an industrial shredder. These are much bigger and more efficient than your standard office shredder, and the result is small confetti like pieces of paper in a variety of shapes, depending on the type of shredder used. These pieces are so small that no information from the records can be read, and there is no hope of piecing it back together. This confetti like paper is then bundled up and taken to a recycling centre so that it can be put to a new use.

When the paper arrives at the recycling centre they are chemically treated. This means they will be washed with chemicals and treated water to remove the print and start the process of breaking down the paper. The mulch will then be cleansed of any impurities that might be in it by pressing it against a screen. Then, before the old paper is bonded and dried, any last bits of ink that might be clinging to the paper are washed away in a final rinse cycle. The last step is to convert the shredded paper (now resembling pulp) into new products, usually done by passing it through a series of pressure presses and rollers.

The Benefits Of Recycling

Of course, paper is one of the most recyclable materials on the planet, with a single piece of paper able to be recycled and reused at least 7 times. This means there are some considerable benefits to recycling used paper, including:

• It takes only a couple of hours to turn obsolete paper waste into something new that can be used by consumers or businesses, without using any new materials

• Some of the products that can be created with recycled paper include paper towels, writing paper and toilet rolls

• You’ll see a significant reduction in your businesses’ carbon footprint, as waste paper that’s been recycled won’t end up in landfill

• Improved social responsibility. By investing in a more streamlined disposal process that minimises the impact your business operations have on the natural world

Why Invest In Professional Shredding?

Simply put, using a professional shredding company is the only way you can ensure your old paper waste is properly recycled. By shredding inhouse and simply putting it all in a recycling bin, you can’t guarantee that your paper will actually be recycled and reused in a new batch of products. But if the environmental angle isn’t quite enough to convince you, then there is also the fact that professional shredding:

• Protects your business information from competitors

• Ensures your customer and employee data is safely destroyed

• Meets all standards set out by GPDR and other data protection laws, keeping you in the clear

• Improves social responsibility, as shredding is a much more environmentally friendly option, with an end result of recycling 99.9% of the time

• Helps you dispose of bulk paperwork in a simple, efficient manner

• Saves employee time – no more hours spent bent over the office shredder

In short, the most efficient way for your business to deal with obsolete documents or records is to use a professional shredding service. Not only does this ensure certain data protection standards are met (and you can prove it), but it significantly improves the green credentials at the same time. If you would like to know more, just get in touch with us today.

These days, anyone can sell just about anything on the internet. The deep web, the dark web, the black market; whatever name you’ve heard for it, in the recesses of the internet, it exists. It’s not a safe place to be, what with the lurking hackers and strange mystery items being sold and shipped across the world, but it plays a huge part in the market for medical records.

Healthcare facilities are often targeted because of the sheer number of patient files that can be harvested from their servers. Each patient has a paper file, of course, but in this digital age, many facilities are choosing to keep data on their computers for ease of access. This is where the issue lies. Healthcare facilities are chosen as targets for hackers so that this data can be collected and sold.

There are many reasons that someone would buy medical data. Hackers can sell several files for a lot of profit because they contain so much personal data. Think about it. Your medical file would have your name, date of birth, your address, and even a list of your medical conditions. If you’re on a repeat prescription, a hacker could easily find out what GP you’re with, which pharmacy you use, and collect your prescription while acting as you. Remember the last time you collected a pre-ordered prescription? They probably asked you to confirm your name and address. Data that your medical file would list.

As well as drug and substance abuse issues, the hacker would have also listed your address and all of your other personal details. Individuals who don’t visit their GP very often won’t realise that their data has been misused or stolen. There have been cases where healthcare users discover that their file has been stolen a long time after it happens. Unlike things like debit or credit card theft, there is no sure-fire way to report theft of medical data.

It’s not thought to be a common occurrence, and many don’t realise it happens until it’s too late. Ransomware is one major way that these hackers gain access to healthcare data. In the two years between 2014 and 2016, almost half of the data breaches in the UK were aimed at healthcare organisations.

What this means is that the healthcare industry was targeted more than any other industry. Medical records provide data thieves with more data to sell off to the highest bidder, and it’s safer to sell off too; because the likelihood of it being reported is much lower than financial data theft.

Medical records, depending on the information available, can be sold for anywhere between £15 and £1500 each. Just from the consequences alone, you can see exactly why this type of information needs to be protected better than it currently is. There are many methods that can be used to prevent the theft of medical information, and it starts by ensuring that the industry is aware of the problem.

Back on the 25^th May, the European Union saw the first year of it’s General Data Protection Regulation come and go. This regulation has been one of the most vital changes in data privacy in the last ten years; changing the way that every single business handles personal data, among other things.

With the introduction of GDPR, many were confused. The regulation seemed difficult for many to fully understand, especially those who were not well-versed with personal data or the kinds of records that companies were legally able to keep. GDPR enabled the everyday member of the public to have a say in their personal data and refuse to give permission for any company to hold their details.

Understanding What GDPR Is

This subject has been covered time and time again, but for any that are still uncertain, we’d like to take some time to summarise what GDPR is. The regulation is complicated, that’s for sure, but it’s not impossible to understand. GDPR isn’t a complicated IT problem, and for individuals who have regained control of their data, it is the best thing to happen in a long time.

GDPR, or “General Data Protection Regulation”, is a regulation that purely protects and empowers EU citizens and their private data. Any EU citizen has the right to ask a company to delete their private and personal data, and they are legally required to do so.

The goal of GDPR is to ensure that any personal data is not misused – such as for things like cold calling. The regulation protects all EU citizens, even if the company is outside of the EU but holding the data of an EU person.

Businesses Have Struggled To Implement GDPR

Many organisations were not prepared for the new regulation to be put in place and were delayed in putting together the proper procedures to be compliant. There were a number of compliance issues in the early days of GDPR, and even now, not all businesses are fully compliant. A large amount of the organisations that are not compliant are in that state because they believe that the regulation does not apply to them. But it applies to everyone.

Lack Of Compliance Has Not Led To Overpowering Fines

One of the major worries of businesses around the world was that if they were found to not be compliant, they would be hit with a fine so large that they would go under. Small to medium businesses, in particular, seemed concerned. But most investigations have resulted in no such fine, rather, a chance to change.

The People Know Their Rights

GDPR has led to a plethora of people coming to fully understand their privacy and data rights. When you consider that the regulation was put in place to aid the people in their desire for more privacy, GDPR has more than done its job. The individuals of today know more than ever about their data and how that personal data is processed in the business world.