Document Management and GDPR

It’s an acronym that’s generated a lot of talk and more than a little confusion around the world. GDPR stands for General Data Protection Regulation and it is a new European Union (EU) law that was enacted in May 2018 covering data protection and privacy. But don’t let the words “European” and “data” mislead you. This law definitely has implications here in the United States, elsewhere in the world, and data doesn’t necessarily mean electronic data. It also means paper documents.

If your business or organization has any connection to European Union members or handles documents, you need to understand GDPR. As the Long Island leader in document management Storage Quarters wants you to know what GDPR means to you.

The Basics of GDPR

According to ZD Net, GDPR is designed to give EU members more control over their personal data. Under its terms, any organization operating within the EU or any organization operating outside the EU that offers goods or services in the European Union must ensure that a person’s personal data be gathered legally and under strict conditions and that data must be protected from misuse and exploitation.

According to the Verge, any company that collects personal data on an EU citizen needs explicit and informed consent. A right to revoke that consent must also be provided to citizens and those citizens have the right to request all data a company has on them in order to verify that consent. This is also known as “The Right to Be Forgotten.”

How GDPR Extends to The U.S.

You keep hearing that GDPR applies to citizens of the European Union, but how does GDPR apply to the U.S.? According to Forbes, the law only applies to EU citizens who are in the EU when the data is collected. That’s because EU laws only apply in the EU. They also note that a financial transaction doesn’t need to take place for the law to apply. But things become murkier when an EU resident comes across an American website. The American company is only on the hook if their marketing language targets EU websites, according to Forbes. For example, a non-English speaking EU citizen is likely not being targeted by an English language web page. US companies that market in EU countries should be aware, as should American websites that create online marketing forms.

Document Management Matters and Storage Quarters Can Help

The reason why GDPR is important to pay attention to is that those who violate it are subject to significant fines that can rise to 20 million Euros or four percent of your annual turnover, whichever is higher.  

So if you need to show what you collected from an EU citizen for any reason, you need to make certain you have complete control of your documents. The GDPR also has a requirement that data breaches must be reported.

Storage Quarters can help you with your document management needs. We can help you account for all the documents you control with computerized barcoding technology and we’ll provide you with an inventory. Additionally, we can scan your documents to provide insurance against loss or theft and we also offer shredding services. We’ll provide you with a certificate of destruction when we’re done. Storage Quarters can help you remain compliant with GDPR. Contact us today.