Although digitalization has moved quickly, we have not yet introduced the completely paperless office. And while digital threats are high on an organization's agenda, it's a mistake to assume that paper-based security risks no longer exist. According to Data security incident trends, as many as seven percent of security incidents have to do with "loss/theft of paperwork or data left in unsecure locations".
One of the concerns related to GDPR and the Data Protection Act is that all personal data must be processed in accordance with the law, which means that we must be able to track and document it – to know what, where, when and how they are used. The Data Protection Act is technology neutral, which means that it also applies to personal data that only exists physically on paper.
Since all organizations today place high demands on searchability also in written physical information that is handled, it’s wise to consider GDPR and privacy protection already when the system for handling physical information is set up.
It's basically about three things
- Raising awareness about handling of personal data.
- Easy management of data.
- Compliance. All year round.
We have now launched the 2023 version of GDPR and Privacy Protection where we use NanoLearning as a method to create awareness every day of the year. Because in the end, functioning privacy protection also depends on users actually thinking and acting with the protection of personal privacy as part of our business. Both when it comes to physical and digital information.