Are your printers GDPR compliant?

  24th Nov 2017 - 14:12 24th Nov 2017
Mike Walker
Workflow Group

Are your printers GDPR compliant?

Hi all,

If your unsure about your current printer fleet in yor office, or even your printer at home, please get in touch and i will be more than happy to assist you.

The foundation of a GDPR compliant system is a well designed and secure information system. The regulation raises the bar by stating that security should be designed in from the beginning, and that personal data should be anonymized wherever possible.

The print system is not exempt from these requirements. An unsecured print system can leave your organization vulnerable for two reasons:it is a point of entry for an attacker, and printed documents themselves can be a source of data loss. In a 2017 Quocirca report1, more than 80% of companies report concerns about print related data losses, with 61% reporting actual losses in the past year.

Mike Walker - 07717 357573.

Thank you


  25th Nov 2017 - 07:29 25th Nov 2017
Ian Grey
WADIFF Consulting

The GDPR is about respecting and protecting personal data in any format - on paper, held electronically, verbally. It definitely has to be designed in and not 'bolted on'. The foundation is allowing individuals to exercise their rights and ensuring a company meets the principles, especially the one on Accountability (which means you need some records to show you have thought about the risks to the personal data you process clients, prospects, staff etc.).

You need to take proportionate measures to protect data. This includes printing, but a higher risk is probably having your home/office WiFi being taken over if it isn't properly secured or using public WiFi systems. Anonymization and pseudonymisation are ways to protect personal data, but they are only necessary when that reduces a risk to the data. Other GDPR myths include:
- you need 'consent' to do anything with personal data - see if you can use Legitimate Interest or to fulfil a Contract
- you need to encrypt everything - only if that reduces a risk
- if someone asks you to erase their personal data you have to do it - only if you have no other lawful purpose for keeping it. If you need to keep it to show a contract existed or you supplied a product or service that includes a warranty you may not need to delete it

Some key points about the GDPR
The GDPR Principles
The rights of individuals
GDPR Myths

To reply to this topic please sign in or register.