An information security company has released an online self-service tool. Shred-it says it’s to support businesses on their journey to General Data Protection Regulation (GDPR) compliance. GDPR Manager follows guidance from the UK regulator the Information Commissioner’s Office (ICO).
GDPR Manager has a six-step process, from initial assessment to creating a manageable plan. This follows Shred-it’s 2018 State of the Industry Report that found 22pc of small business owners were totally unaware of the GDPR. Only 39pc of large organisations had updated their procedures for detecting, reporting and investigating a data breach. The info-destruction contract firm says that one of the most crucial aspects of compliance is being able to demonstrate how a company acquires, manages, stores and destroys personal data, or Personally Identifiable Information (PII).
David Hagelthorn, GDPR SaaS Business Manager, says: “All organisations that collect, process and store PII must now put in place technical measures to manage the transparency and consent requirements of the new regulation. However, our 2018 State of the Industry Report highlighted that just 44pc of large businesses and 19% of small businesses have documented a lawful basis for processing data. By adding GDPR Manager to Shred-it’s compliance portfolio, we are further showcasing our drive to help businesses both large and small protect what matters to them most; their reputation; their people; and their customers’ data.”
The firm says its GDPR Manager tool enables businesses to take a holistic approach to data security and privacy. For data management, the online tool gives a company the ability to prove how it manages its data, critical to ensuring compliance with the GDPR. A company can demonstrate accountability within one hour, it’s claimed.
David Hagelthorn adds: “As a result of developing this tool to meet the expectations of the ICO, purchasing and using GDPR Manager will help demonstrate that a company is working towards compliance. We all know the large fines and potential ramifications of non-compliance, so we’re excited to be able to provide our customers and other businesses with a clear and structured pathway to GDPR compliance.”
