A recent survey of UK IT managers has revealed that many are unclear on the details of current proposals by the European Commission to reform the laws pertaining to the collection, use, storage and disposal of sensitive data.
While the EC’s proposals are still subject to debate and may change over the coming months, the new legislation is expected to be introduced by early 2015 at the latest. If the proposals were to come into force as they stand, the ramifications for businesses and organisation are likely to be significant and, potentially, very expensive for those who fail to plan for change in advance.
Implications are likely to include increased red tape and paper work, more demands relating to consent, new requirements surrounding the portability of customer data, plus significantly increased fines (up to 2% of worldwide turnover) for those who fail to comply.
Crucially, under the terms of the current proposals, individuals will also have a new “right to be forgotten” i.e. to insist that all data held about them is deleted. In most cases, this will require organisations to design and create new processes that facilitate these new rights and ensure compliance with the new legislation.
This is rarely a straight-forward task, given the increased use of personal devices at work and the technical, operational and environmental issues surrounding the phase-out or re-deployment of ageing IT assets.
At SCC, our consultants are highly experienced in assisting organisations of all types to consider the potential impacts of the new legislation, prepare a comprehensive IT strategy in response and plan to invest the resources (both financial and human) that the strategy demands.
SCC’s recycling services remove the burden of the legislation surrounding secure IT asset disposal and deliver real cost savings and guaranteed compliance with the latest environmental laws and highest data security standards.
What’s more, our CarbonZero National Recycling Technology Centre facilitates secure IT refurbishment, remarketing and WEEE disposal opportunities all at one central campus – a unique proposition in the UK.
We offer a fully managed service, from the recovery of IT assets, technical processing, secure data erasure or destruction, through to assessment for the remarketing and redeployment of equipment or comprehensive disposal in line with the WEEE Directive.
Typically we aim to recycle 20% of all IT waste we collect, with the remaining 80% remarketed to offset costs and support CSR initiatives. In addition, we run on a 0% landfill policy, ensuring all of the waste we recover is utilised to its full potential.
Now is the time to consider the potential impacts of the new legislation on your organisation and act. Key tasks to tackle include:
- Auditing the people responsible for the recycling / disposal of data;
- Auditing your IT to gauge opportunities for reuse and recycling;
- Implementing a strategy compliant with forthcoming data protection guidelines;
- Ensuring recycling strategy aligns with CSR and environmental best practices.
This is not an issue that is going to go away. We’re already starting to see dedicated Data Protection Officers (DPOs) being appointed within businesses and organisations with the vision to understand the impact the new legislation.
At SCC, we predict that this is likely to be the start of a growing trend as more organisations recognise the importance of data protection to their very survival.