Data breaches are not the only area of concern for GDPR’s implementation in May, says Y Soft – they also must consider their print infrastructure.
Organisations now only have three months to bring their data protection policies in line with the new regulation. Non-compliance fines will reach up to 20 million euros, or 4% of a company’s revenue – whichever is greater. Even if a business is located outside of the EU but processes personal information of European Union nationals, GDPR applies.
The size of these fines hasn’t stopped a third of London businesses being unaware of GDPR, or believing that it isn’t relevant to them.
Martin De Martini, co-founder and CIO at Y Soft, said: “As well as considering data breaches, organisations need to reflect on the personal identifiable information of individuals present in their enterprise systems, such as a company’s print/copy/scan infrastructure, and how to comply with individuals’ rights concerning that data.”
It is now commonplace for businesses to use a single platform for all their printing, scanning, and copying needs, and this system will also be connected with various other IT systems, meaning that personal data is at higher risk of being mismanaged this way.
De Martini adds: “Looking at the typical enterprise workflow solutions management setup, which includes network printing, scanning, copying, and managing physical access to MFDs, there are a number of obligations related to the providing organisation under GDPR. This includes the likes of the processing of personal data by enterprise workflow solutions being secure and having all personal data that is processed by any of the services identified, amongst other obligations.
“Privacy by design and the ability to perform their GDPR-related duties should therefore be a consideration for administrators and data protection officers when selecting the right enterprise workflow solution, or when evaluating current solutions ahead of GDPR coming into force.”
Y Soft has prepared the “GDPR Compliance Guide with YSoft SafeQ 6” whitepaper to assist with understanding and complying with GDPR related to any company’s networked based print, copy and scan services.