Save

Data storage – not only concerning primary sources!

Companies often underestimate the quantity of data they accumulated about their buyers, customers. This also means that they underestimate the significance and potential consequences of the introduction of the new General Data Protection Regulation (GDPR).

As long as companies are not aware of the type of data they store and where they store these, they are constantly exposed to the risk of penalty as GDRP set to be introduced in May 2018 (link to previous article) includes several tightening changes as to correct data controlling. 

Hidden data

It is very important that companies not only examine the areas that are primary sources of customer data such as CRM or marketing systems. Without due care or the development and following of proper data controlling procedures, data and duplicates may be generated and stored in the following places: 

  • IT systems, 
  • portable media instruments, 
  • mobile phones, 
  • mobile data storage facilities such as pen drives or external hard disks, 
  • network files, 
  • data charts and other documents, 
  • e-mails and archived inboxes, 
  • community posts, 
  • microfilms, 
  • audio tapes, 
  • cloud-based storage places, 
  • websites, 
  • uninstalled or out-of-use IT systems and instruments, 
  • printed documents and archives. 

The above list contains only a few of the assets to the management of which special attention should be paid from a data protection perspective. The area to be reviewed can be stunningly large taking into account that a very large number of companies may be present on individual markets, which control and store a huge amount of data on an overall basis. 

Penalties can be avoided

We cannot emphasize enough that preparation for the new regulation to be introduced next spring should be started as soon as possible. In addition to a due diligence of the company from a data protection perspective and the development of a data management policy, it is also of key importance that employees are properly informed and prepared for the integration of the new processes. Compliance with data protection criteria is no longer the isolated responsibility of the IT unit but concerns all employees of the company who manage, use or have access to customer data. 

Related posts

We use cookies for the operation of our website in order to make the individual functions more easily accessible for visitors and to receive statistical data on the usage of our website. The statistical data pertaining to the usage of our website is provided to us by Google Analytics. The statistical data does not allow us to identify the visitors of the website and to record any personal data on them. The picture given on user habits does not contain information concerning either the individual or all of the visitors. When considering consent, please take into account that by enabling cookies we can get a more accurate understanding of what visitors of our website are interested in, due to which we can upload material that will attract more interest. If cookies are enabled, based on the websites visited, Google will display ads that may interest you more. The information provided via cookies does not contain any personal data in this case either. The Help section of your browser can provide more information on the application of cookies. Read more on our updated data protection policy here. More