How confidential waste shredding should comply with the Data Protection Act

How confidential waste shredding should comply with the Data Protection Act

Being in business can be tough so the last thing you need landing on your doorstep is a fine because you have failed to correctly deal with your confidential waste disposal.

Breaching the Data Protection Act can lead to fines of up to £500,000 so it is vital that you keep all confidential information secure and destroy it effectively once you have finished with it.

Confidential document disposal, through secure on-site shredding services, for example, is the perfect solution, however many businesses aren’t clear about their obligations or what type of information needs to be shredded. So here is our quick run-down of the basics.

The Data Protection Act 1998 legislation is based on eight principles of ‘good information handling’. These give individuals specific rights in relation to their personal information and place certain obligations on the organisations that are responsible for handling that information.

Most businesses understand that paperwork containing signatures, account numbers, legal, medical or credit information needs to be securely destroyed. However, many businesses will also hold a variety of other documents that might contain confidential details which could cause harm if they got into the wrong hands. These might include HR files (contracts of employment, performance reviews, medical information) finance files (employee payroll records invoicing, business accounts information) or operational files (business, sales or marketing plans, customer lists, supplier information).

The Information Commissioners Office (ICO) Guide to Data Protection explains that information security breaches can cause real distress to individuals. It lists the following as examples of the sort of harm that can be caused by the loss or abuse of personal data (sometimes linked to identity fraud):

  • fake credit card transactions;
  • witnesses at risk of physical harm or intimidation;
  • offenders at risk from vigilantes;
  • exposure of the addresses of service personnel, police and prison
  • officers, and women at risk of domestic violence;
  • fake applications for tax credits; and
  • mortgage fraud.

So failure to securely destroy documents that contain confidential information could breach the legislation and also have serious implications for your customers, employees or even your business itself.

Many organisations adopt a ‘shred all’ policy for all business documents as it eliminates confusion about what needs to be shredded and reduces the risk of breaching data protection regulations.

The Information Commissioner’s Office outlines good practice as ‘…collecting paper waste in secure shredding console bins that are shredded on-site at the end of each week.’
Using a reputable shredding company that meets BSEN 15713 standards and has strong credentials is an efficient and convenient way to dispose of your confidential waste. This solution not only reduces the risk of information security breaches but it also saves time  – as confidential waste disposal that could take hours to shred in-house can be done in minutes by a mobile shredding service using an on-site shredding truck, all with minimum interruption to your business.

To find out more about how our confidential on-site shredding service could help your business call us now on 01275 877900.