On May 25, 2018, the new EU data protection regulation (GDPR) became binding in all member states and applies to all IT processes in companies and government agencies. Therefore, each company must check whether its IT infrastructure is GDPR compliant and remedy any security deficiencies. An area frequently overlooked is printing, even though in this area there is an even greater demand for action.
The act regulates, among others, the processing and holding of personal data. For example, companies will be required to report any data leak within 72 hours (a so-called Security Breach Notification). In the event of a violation of the GDPR, high fines are to be imposed, which have been significantly increased when compared to the previously applicable regulations.
According to Section 3 (1) of the German Federal Data Protection Act (BDSG), personal data is defined as “any information concerning the personal or material circumstances of an identified or identifiable individual (the data subject)”. In practice however, it is not always easy to see whether or not certain information can be assigned to personal data. As a rule of thumb, it can be said that whenever a person can be directly or indirectly identified, for example by name, telephone number, account data, address or even IP address, then the data can be considered as personal data.
See our white paper to learn more about security risks when printing personal data and how you can avoid them. Whether end-to-end encryption or secure pull printing – ThinPrint’s security concept enables printing processes that are GDPR compliant.