We all have information that we want to keep secret but sometimes we need to share this with companies, they can’t just store it indefinitely and they cannot simply throw it away. Confidential waste disposal is a carefully managed practice under the Data Protection Act. The aim of this is to keep people safe from hackers and fraudsters; a company that fails to meet their responsibilities can be subjected to large fines.
Confidential Waste
Confidential waste describes a whole variety of different documents that any company will have. Anything that reveals sensitive information about customers, suppliers or employees falls under the category of confidential waste. If a third party got hold of this kind of information they could easily commit identify theft, fraud or even blackmail. It is for these reasons the process of confidential waste disposal is so strictly managed.
The Data Protection Act
The Data Protection Act was brought into UK law in 1998 and was created to bring British Law in line with the EU Directive on Data Protection. The Act manages the collection, processing, storage and destruction of confidential data by businesses. For example when data is collected if you state it is for one reason like email marketing then you cannot use it for another reason.
Failing to follow the practices laid out in the Data Protection Act can lead to serious consequences for businesses. The Information Commissioners Office is responsible for enforcing the regulations, it can give out fines of up to £500,000 and there are stricter punishments also available for serious breaches.
One of the key principles of the Data Protection Act is that companies need to employ a specialist confidential waste disposal service. Companies providing this service have to securely collect the data ensuring it is not compromised on route the waste processing facility and then destroy it. Relevant certificates will then be sent to the company in order to prove compliance. There are organisational standards that govern this process that include the vetting of staff responsible for confidential waste disposal. When hiring a waste company you need to ensure that they adhere to these standards.
General Data Protection Regulation (GDPR)
The UK already has fairly stringent data protection laws but the European Union is introducing its own set of regulations. The General Data Protection Regulation will enter law before the UK leaves the European Union and it’s unclear whether or not the law will continue afterwards though highly likely that broadly similar rules will be in force. In order to make sure your business is safe from financial penalties it is well worth ensuring you follow these standards also.
These are the biggest changes to Data Protection law in over a decade and businesses need to ensure they’re compliant. However if you are currently following best practice as laid out in the Data Protection Act then it will be easier for your company to adapt. There is a greater emphasis on the documentation you need to keep in order to prove confidential waste disposal has been properly managed. The Information Commissioners Office have a created a clear 12-step guide to help business prepare for the changes ahead.
Is your business properly managing sensitive data? Our professional team can help you follow the rules for confidential waste disposal.