With GDPR on the horizon much of the conversation has been around what to do with data that is currently held by an organisation. However, questions such as ‘How long should that data be kept for? and ‘Is the information held kept up to date? could be of more concern.
How long to hold on to information?
We know that certain regulations mean we must hold files and documents for particular periods of time. For example, we may have to hold on to past employee information if they were part of a pension scheme. We may have to hold onto records relating to financial transactions for a number of years to be compliant with accounting procedures.
In the past we may have just held on to everything ‘just in case’, especially if we had a spare office that we could use for boxes of files. However, that day of dumping paper files in a dusty room is now gone. With the introduction of GDPR we must have a data register and only hold onto relevant information for specific periods of time. Once that time is lapsed we are obliged to destroy the information in a secure manner.
An efficient way of handling this problem could be to date all new pieces of information so a regular clean out can be done to ensure compliancy. As a piece of data is gathered it should be entered onto a CRM system or management software.
Here’s an example. When Sarah joins the company her personal details including date of birth, background information and bank details are given to the HR manager. This information is imputed into the business management software. We now know where the information is held and how long it is there for and it’s simple to update as time goes on. Once she leaves the company, her details are updated so when the time comes when the need to hold the information has passed, it can be safely and securely removed from the system. This is a simple task completed as a touch of a keyboard.
But what if you have boxes of files from the last twenty years in a store room? I bet if you asked nicely in the office, not one person would offer their services willingly to go through it, sort it and destroy it. It would be a thankless, frustrating and boring task to take on.
Here is where Datascan comes in. We can organise for our driver to collect those boxes from your office and transport them to our secure facility in Dublin. There we will scan and sort the information for you. We can provide it back to you in a format that uploads onto your software so each file is easily accessible to you. After your information has been digitised you will save it in the cloud away from authorised access and safe for the period you need to hold it for. We then destroy the hard copies in a secure manner so you remain protected.
You can then sort out what you have and delete any files that you don’t need. Once your retention schedules are in place you can plan for future action with that information.
Don’t get caught out holding on to information for longer than is necessary. It may seem like an innocent mistake but with large fines and risk of loss of reputation you cannot afford to leave yourself open to scrutiny. Contact Datascan today for a competitive price for scanning your files.