Published 2nd of September 2015

The term “data protection” encompasses a number of practices necessary for safeguarding the privacy of your business information. However, as a broad term, it may also be broadly interpreted. In fact, in many cases, the Data Protection Act of 1998 itself has been misunderstood and misapplied.

Physical Security

Both hardcopy and computerised information of a sensitive nature is covered by the Data Protection Act.

Physical security of your data should align closely with your disaster recovery plan and ensure sound retention management practices. On-site storage, while convenient, may not offer proper protection from theft, fire, flooding and natural disasters. Disaster recovery experts recommend storing vital business documents and backup media in off-site location built for optimal security and preservation.

SDS Secure Records Centre offers:

  • External perimeter security
  • Intruder alarm system with red care signalling, linked to police HQ
  • 24-hour staffed internal security vetted to BS7858
  • Monitored fire detection and alarm systems
  • Strict authorisation procedures
  • SDS Secure Records Centre is only used to store paper documents, not personal belongings. We also have a data vault which provides specialised storage for computer backup tapes and other types of media. A data vault is designed and built to minimise risks to computer backup assets, protecting against:
  • Unauthorised access
  • Temperature and humidity
  • Magnetic interference
  • Electronic entry system
  • Accessible only to fully vetted, DBS checked staff.
  • SDS archive and fire-resistant data vaults feature barcode technology which enables documents and media to be tracked throughout the retention lifecycle to avoid accidental loss or destruction of data. After retention requirements have been met, data will be securely destroyed.
  • IT Security
  • Digital information belonging to businesses is increasingly targeted for theft. The International Commissioner’s Office has published a number of helpful tips for preventing access to personal data contained in a digital format.

These include:

  • Installing and maintaining anti-virus and anti-spyware software
  • Implementing a regular backup process
  • Encrypting electronic information

No-longer-needed IT equipment should also be professionally destroyed in accordance with the Waste Electrical and Electronic Equipment Directive (WEEE Directive) to prevent unauthorised access to unwanted or duplicate data.

SDS’s sister company Shredall take full responsibly for this and work as your Total Information Management company.