Could you be in breach of the GDPR when printing work-related documents at home?
A study has found that two thirds of remote workers risk potentially breaching GDPR guidelines by printing out work-related documents at home. It comes as no surprise that printing work-related documents at home during the pandemic has increased, however caution is required. Printing documents containing personal information such as an employee’s payroll, address or medical information or even notes from a meeting containing phone numbers or email addresses pose a potentially high data security risk.
Many home-workers who took part in the study admitted that they have not disposed of documents because they do not know how, or they instead disposed of the documents in their own household waste. Under UK data protection laws, companies that store or process personal data must have an effective, documented, auditable process in place for the collection, storage and destruction of personal information. While almost every organisation will have this in place for office life, some organisations may have struggled to ensure that the same standards are adhered to during this extended period of home working.
By incorrectly disposing of confidential information or not disposing of it at all, employers are left exposed to the risk of data breaches and potential fines or claims. Companies should review current processes and ensure training is provided to their staff, to clarify the standards required when working from home when it comes to disposing of confidential information and data security. A formal working from home policy may often be a useful place to cover applicable security standards.