GDPR - Legal compliance
General Data Protection Regulations
Businesses should be aware of these new regulations and prepare accordingly. Responsible data management and end of life shredding and recycling is essential to avoid new fines of 4% of Global Turnover.
GDPR Readiness Statement
GDPR Guidance Document
Data Protection Act 1998 - If you handle personal information about individuals, you have a number of legal obligations to protect that information. Principle 7 of the Act states that ' appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data' - having an approved shredding agreement for all your confidential paper records ensures legal compliance.
ICO (Information Commissioners Office) Example - 'As part of its security measures, an organisation ensures that information on laptop computers issued to staff is protected by encryption, and that desk-top computer screens in its offices are positioned so that they cannot be viewed by casual passers-by. Paper waste is collected in secure bins and is shredded on site at the end of each week.'
More information available direct from Information Commissioners Office - http://www.ico.org.uk/
Information Destruction Standards - BSEN15713:2009 is the European standard for the Information Destruction industry, which provides organisations with recommendations for the management and control of collection, transportation, destruction of confidential material and recycling to ensure such material is disposed of securely and safely. Putting your data destruction needs in the hands of a company that not only complies to BSEN15713:2009, but has it incorporated into their quality management system ISO 9001 and is inspected against it, is of critical importance to ensure the reliability of the services and products provided. Compliant companies:
- Have demonstrated that their confidential destruction premises are secured and managed in the appropriate way, to avoid contamination or security breaches.
- Have a clear and accurate process in place to ensure all contracts with clients, suppliers are up to standard.
- Have undergone staff screening and vetting against British Standard BS7858.
- Have approved Vehicle satellite tracking, CCTV and alarmed and monitored buildings.
- Have in place tested, secure and appropriate processes for the collection, retention and destruction of confidential material.
Evergreen Security Shredding & Recycling services are approved and vetted to BSEN 15713 standards, which are incorporated and audited within the ISO9001 Quality Management Systems. Copies of this certificate is available for customers to keep on file and review yearly to ensure compliance.
Customer compliance check list;
- Is your shredding company approved to BSEN15713 and incorporated within the ISO certificate ?
- Does the company have a waste carriers license, to enable them to carry waste ?
- Does your company have an Environmental Agency approved waste permit or Exemption License ?
- Does your company have an approved operating license to manage a transport fleet ?
- Does your shredding company have approved insurance for Public & Employers liability ?
- Does your company have ISO 14001 environmental quality systems vetted to UKAS auditors ?
- Is your shredding company local to minimise the risk of transportation and opportunists theft ?
- Does your shredding company charge per minute which is difficult manage and budget. Evergreen's costs are transparent and charge by container or weight.
- Does your company give a personal, ethical and reliable service.
If you would like to review your service or to obtain a best value alternative secure quotation, please contact us.