5 unforgivable errors in the handling of confidential data under the RGPD
The new data protection law has been in place since May 2018, but there are many companies that still make serious mistakes in the handling of sensitive data. Failure to comply with the law can lead the company to pay huge fines, so you need to take extra care when dealing with private data. In today’s article, we address the 5 unforgivable errors in the handling of confidential data under the GDPR!
Keep curricula after the selection process is over
Physical curricula must be destroyed as soon as the selection process is complete. The same applies to curricula in digital format. The exception is only in the case of spontaneous applications, where the curriculum can be stored indefinitely, as long as the data bearer is informed and the data is guaranteed to be up to date.
Leave documents with confidential information displayed
Many professionals leave documents with private information on their desk, which allows them to be read by other people. It is important to be very careful about these situations and make sure that no important documents are on the desk.
Don’t mask information
It is increasingly important to protect sensitive information through techniques that prevent it from being read. Data masking, an option provided by Datapeers, allows you to create an identical version of the source database at a structural level, but with masked data. In fact, its original format remains unchanged, but the data presented are fictitious. That is, in a column of a database with bank information of the users of an online store, it is possible to mask the data by creating new bank numbers in which the figures were “mixed”, creating fictitious numbers but with the same value for the processing of the intended data. The masked data can be used in test and auditing environments, not compromising the result of the analysis, but always guaranteeing the confidentiality of the information.
Save important information to removable devices
The confidential information of a company should preferably be stored in the Cloud, since this type of solutions offers a high level of security. In addition, there must be several copies of the most important information, so there is no risk of losing important data. In case of extreme need to store data on removable devices, they must be encrypted.
Leave the computer screen on
The computer stores sensitive and important information, so improper access can compromise the security of the organization. So when you are away from your workplace you should lock your computer or log off. Protection measures should be taken, such as setting the automatic locking of the computer after a certain period of inactivity. The same caution should be applied to mobile phones that are increasingly storing business information.
Marketing administrator
About the author