September 08, 2014

Confidential Data And a Shred-All Policy


Did you know that more than three-quarters of SMEs say their employees have either a recycling bin or waste paper basket at their workstation? At first glance, this sounds really encouraging. After all, isn’t it great that UK businesses are thinking proactively about meeting recycling targets and making it easy for their colleagues to dispose of waste paper without having to leave their desk?

But if we look deeper at this, it’s clear that there’s a real problem, particularly since in Shred-it’s 2014 Security Tracker research, which looks at UK businesses’ attitude towards information security, we found that 13% of UK SMEs admitted to recycling or throwing out sensitive documents without shredding them.

Imagine what could happen if confidential information – and that means anything from employee payslips to invoices, from emails to meeting agendas – thrown into an unsecure recycling or waste stream ended up being targeted by fraudsters or entered the public domain. Companies face reputational damage as well as financial penalties of up to £500,000 from the ICO (Information Commissioner’s Office).

However, that’s not the only worrying trend we spotted in the Security Tracker. A further 71% of SMEs said they used an in-house shredder to destroy their confidential information. Aside from the fact that many in-house shredders tend to strip-cut the paper rather than cross shred, meaning documents could be put back together again and sensitive information could be retrieved, there is also the human resource involved.

Determining if a document is confidential or not can demand careful study of the information and that can be time-consuming and sometimes confusing. And with 40% of data breaches due to simple human error, it’s imperative that simple and robust document disposal processes are put in place for employees to use, through a shred-all policy.

A shred-all policy, where all business documents are securely destroyed once they are no longer needed, encourages employees to dispose of confidential documents in a secure, locked console and are therefore less likely to drop confidential documents in a waste paper or recycling bin. A shred-all policy also means partnering with a trusted document shredding services partner which understands the risks. With Shred-it, for example, businesses can protect their confidential information but also ensure that all paper is recycled after it is securely shredded.

What are all the benefits of a Shred-all Policy?

  • Strengthens information privacy and confidentiality
  • Simplifies document disposal for everyone
  • Employees no longer need to decide what information is or isn’t confidential – enabling higher productivity
  • Reduces the risk of information breaches
  • Improves compliance with data protection rules and regulations
  • Better protects proprietary, customer and other business information
  • Decreases risk of human error (over 40% of data breaches in business are due to human error).
  • 100 % environmentally-friendly (documents are securely shredded and then recycled).

Do you have a shred-all policy in your workplace? For more information, check out why a shred-all policy makes sense.