GDPR Document Strategy Checklist

The EU’s General Data Protection Regulation, or GDPR, is a new set of rules designed to give EU citizens more control over personal data collected by businesses. All organizations conducting business in the EU must ensure that customers’ personal data is gathered and managed legally and correctly and protected from misuse or exploitation.

Many companies have focused a huge portion of their GDPR compliance effort in the digital realm, for example, processes aimed at the cloud, databases and email servers—in short, anywhere sensitive data may reside. However, data kept on paper documents is potentially more problematic. According to a Quocirca 2017 Managed Print Services Landscape report, data loss through unsecured printing remains prevalent in any industry, with 60 percent of businesses reporting at least one data loss. AIIM recently found that 46 percent of office workers view paper files as the most vulnerable area for data breaches. With the introduction of GDPR, organizations must meet this challenge and protect consumer data housed on paper documents.

Furthermore, one of the core rules of GDPR legislation is that any personal data handled by an organization needs to be accessible, on-demand, at any given moment. It is incredibly difficult and time- intensive for companies to comply with the “Right to Erasure” mandate—meaning customers can request all instances of their data be deleted, immediately—when some of that data may reside on paper in unorganized storage or filing cabinets.