New rules, new responsibilities, new risks
The new Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988, now holds companies, that are subject to this act, accountable for data breaches and requires them to notify the Australian Information Commissioner and the people whose data has been compromised. Failure to report can incur penalties of up to $340,000 for individuals and $1.7 million for organisations.
Small businesses are also required to comply to the Personal Security Obligation Act if they handle personal information, yet many businesses aren’t prepared for this change in legislation. They leave themselves widely exposed to the cost of a potential breach, both in terms of dollars and in reputation, and just one breach can have far reaching repercussions to your business.
In addition to the Notifiable Data Breaches scheme if your business has an establishment in the European Union or offer goods and services in the EU, or if they monitor the behaviours of individuals in the EU you will also need to comply with the General Data Protection Regulation (GDPR) adopted by the European Union in April 2016
How prepared are you?
Outsource or on-site destruction?
Security experts say that confidential material should be destroyed as close to the decision in both time and location, to minimize the risk of a breach. However, many businesses entrust commercial waste management companies with the collection and destruction of their sensitive data. The moment data leaves your control you run the risk of a security breach and you should ask yourself:
- Are you comfortable with confidential material stored in wheelie bins with locks that are often broken or left unlocked and easily accessible? (Keep an eye out and you will be surprised how often you see an unlocked bin or one that is overflowing!!)
- When handing over confidential data to a third-party contractor for destruction how do you know you can trust those working for them?
- If there is a security/data breach the accountability remains with you -not a third party so why take the risk ?
- Are you comfortable with your sensitive data being moved to a collection point such as a loading dock, service area or elevators, which are often left unattended and free to access by those servicing your building.
- Will your document destruction be shredded into the same, small sized particles created by an office shredder? Industrial shredders used by document destruction companies usually shred paper into far larger, easily read pieces of paper. In fact, if you saw the size of the shreds created by these industrial shredders, you would feel very uneasy about where your documents go to after being shredded!
- Depending on the role of the employee, information with varying levels confidentiality will be handled. Therefore, outsourced document destruction is not an effective method of protecting information internally. Information not intended for the eyes of other workers is not destroyed when stored in a wheelie bin.
- Document destruction companies set guidelines to suit themselves because they also make money selling your paper for recycling.
- For most professional offices, a wheelie bin in the office is very unattractive and unprofessional. It’s like placing a wheelie bin in in your lounge room at home!
The longer the data remains undestroyed, the greater the risk for opportunities for the materials to be compromised.
The best security practice is to destroy as close to the source as possible!
The Security Experts all agree to Shred it - NOT bin it!
Avoid the dangers of outsourcing and install a quality on-site shredder solution providing 100% control over your data destruction, protection from legal repercussions and peace of mind.
Renz Australia offers the largest range of quality, ’made in Germany’ designed and engineered paper and media shredders from the world leading manufacturer HSM and can advise you on the best solution for your document and media destruction.
Don’t leave yourself exposed to unnecessary risk.
Talk to us today about an audit of your document and media security.
www.mastershred.com.au or give us a call on 1300 859 471