GDPR - Is your printing, scanning & copying compliant?

ISLINGTON, U.K. - June 15, 2017 - PRLog -- The General Data Protection Regulation (GDPR) is set to replace the Data Protection Act 1998 (DPA) and will come into effect from the 25th May 2018. It is in many ways similar to its predecessor and regulates the processing and holding of personal data.

But there are some major differences, which will have a very real impact on your business: The scope of data protected has increased to include data from your online footprint, economic information, and even 'Pseudonymised' data (for example, social media usernames or other online personas) - providing it can be easily identified.

Second, you will need to demonstrate your compliance with GDPR. Third, breach notification procedures are required, and there are time limits to how quickly you need to alert the authorities if you do realise there is a breach.

Last, but not the least, the penalties for being in breach have increased and they could be disastrous for your company - this could amount to as much as €20 million or 4% of global annual turnover (whichever is greater).

With that in mind, to keep business operations and printing processes compliant, companies need a robust strategy to:

- Protect sensitive information they may hold in digital format, and prevent access to it by unauthorised individuals or those who don't require it for legitimate business purposes.

- Prevent sensitive data from being printed - period, either on purpose or inadvertently, by those who may or may not have access to it.

- Detect possible breaches quickly and easily, in case they take place despite best efforts.

- Have documented processes in place to illustrate compliance and accountability for all of the above.

Many companies already put in place network security to stop intruders accessing data and information and this is a great starting point.

Unfortunately, network security alone doesn't prevent data being breached from the inside and doesn't protect in-house printing of sensitive data, or inadvertent sharing of sensitive data. So how do you stop this from happening?

Everyone knows that modern multifunctional devices come with in-built security features like data encryption and image overwrite. Xerox devices even go so far as to include Cisco TrustSec to protect data paths, and McAfee whitelisting as standard on many devices.

Rules, restrictions and rights in your file structure or Document Management Systems will help prevent unauthorised people from accessing your data. And Card-based printing goes a long way to help with transparency and accountability.

But this alone is not enough to protect yourself under GDPR - one of the most common causes of data breaches is the inadvertent or accidental sharing of data, especially information printed on paper, which has been traditionally very difficult to prevent.

This is where things get smart:

Using an advanced solution, it's possible to automatically analyse print, scan and copy streams to detect and block any sensitive data before it is released by the printing device. It's even possible to redact sensitive data from the document being printed/copied/scanned - without affecting the master document, or without the need for any manual intervention.

In addition, overlays like security stamps can be added as a rule when sensitive data is detected in a document, or alternative workflows can be triggered in order to send the document to a secure location for review before permission is granted to print it / copy it / release the scanned file.

Going one step further, security alerts can be triggered so those in charge of compliance would be aware of what is being printed and who is trying to print it. This could also be used to automate your breach notification procedure (Eg: an email is triggered each time a print is prevented, or released with redacted data).

This isn't something every print management application can do but with an advanced setup, you can ensure sensitive data isn't being printed, helping you to remain compliant with GDPR when it comes to printing processes.

Whilst GDPR is still a year from enforcement, it's important to consider the business operations and processes that could cause an associated risk, including print. We don't advise leaving it until the last minute to optimise your printing processes for GDPR.

To learn more, or to benefit from a free Document Security Audit, please visit http://content.xenith.co.uk/document-and-print-security