Bad paper management puts 25% of SMEs at risk of breaching data laws

A study of UK small businesses has discovered mismanagement of paperwork is putting their security at risk, with many employees breaching data protection rules. What’s more, failure to correctly manage files is costing businesses time and money, with a quarter of those surveyed (23%) stating that they struggle to stay on top of their paperwork.

Software developer Reckon, which commissioned the study of 1,000 small business leaders, found that 30% of respondents rely too heavily on printed documents during their first year of trading, a problem that is still surprisingly in place for 15% of established businesses with a turnover of £10 million or more.

One in 10 respondents admitted to finding it difficult to manage and store paper documents, yet 30% believe that using more technology would enable them to make their business more efficient.

These difficulties mean SMEs risk breaking basic data security guidelines, including ensuring that information is stored securely for a reasonable and agreed length of time, depending on their sector, and processed in line with the subject’s rights or contractual agreement.

10% of those surveyed admit to regularly sharing files via personal devices and to sending documents to personal email addresses to either work remotely or catch up on outstanding work while at home. A quarter of participants admitted to saving files on their desktop rather than a central server for similar reasons, or simply because it’s easier and quicker to do so.

Mark Woolley, commercial director for Reckon said: “It’s worrying that so many UK SMEs continue to use paper to manage critical information and in turn continue to struggle stay on top of information. Incorrectly or haphazardly managing information can have a negative impact on time, money and reputation – something no business wants.

“With new legislation such as the General Data Protection Regulation, which allows clients to claim for damages to data loss, coming into force before we leave the EU, it is imperative that the businesses consider new ways of storing and sharing data securely. This new legislation seeks to strengthen and unify data protection across the continent and is likely to be adopted by the UK even as we leave the Union. What’s more, it will have to be adhered to by any business conducting activity with or on behalf of companies based in an EU member state.

“Data security and employee time are two factors which need to be carefully managed by any business. While there are some resources out there already, there is clearly still a gap to be filled and it needs to be filled quickly. We’d urge any new business to make life simpler for themselves by seeking good advice and to identify the best systems to help them comply.”