We have been working with a leading global consumer manufacturer whose growth was fuelled by acquisition. Topwood conducted a review of their current file management in relation to the new GDPR deadline approaching in May 2018.
The HR manager was concerned that the current archiving and retention scheduling was not up to par with the upcoming GDPR due to be enforced in May 2018. The firm were storing all of their archiving in their warehouse, which was neither securely stored nor preventing prying eyes from employees or visitors to the site. HR was concerned that they didn’t fully know what was stored in the archive boxes, but that they did include old CV’s, unsuccessful applicant information, old training files, pension details, interview transcripts, payroll details, salary records, employee contracts all dating back to 1997.
They requested Topwood review their storage and destruction processes, which identified the following issues:
Topwood found that the current layout of HR archiving meant that, under the new GDPR regulations this organisation could face huge penalties. With individuals being granted “the right to be forgotten” and less time to respond to subject access requests, this firm was going to be facing huge time wasting efforts to identify personal details for destruction from the large archiving in the warehouse. This issues would ultimately result in a failure to comply with the new GDPR and could result in large fines.
Following the review of their storage and destruction process, the North West firm were provided with the following solutions:
In this case Topwood were selected as the data destruction partner, as the integrated storage, scanning and shredding services resulted in a quick and easy service. It also meant that the firm had one company dealing with their files from cradle to grave.
To find out what security gaps may be in your Human Resource department download our guide by clicking on the thumbnail.