Are Paper Records the Low-Hanging Fruit of GDPR?

If you missed our September 12th webinar “Are Paper Records the Low-hanging Fruit of GDPR?” we have a handy recap for you.

Adam Grainger, CIO of Baker Tilly International and Nick Reeve, Nitro’s UK country manager, work through the challenges faced by organizations that still rely on paper for document management and offer best practices to move toward a paperless, digital solution for GDPR compliance. They were joined by Jon Collins, principal analyst and author at Gigaom, who kept the conversation moving.

The European Union’s General Data Protection Regulation (GDPR) dominated the news for months leading up to its May 25, 2018 implementation. Since then, the buzz has quieted, but challenges remain in its implementation across companies large and small. Let’s dig in.

Know Your Data

Nick began by walking the panel through the role paper processes play in structured versus unstructured data, which both factor into GDPR. Structured data—anything that sits in a database and is governed by a database schema (a logical, searchable system)—gets most of the attention from hackers and, therefore, the general public. Unstructured data encompasses anything outside of that (documents, emails, interoffice communication) and this is where PDF and paper both play a larger role.

Despite the fact that PDF is now ubiquitous—users create 2.5 trillion PDFs each year, 18 billion PDFs are in Dropbox, and 70 percent of all attachments are PDF—companies typically give all employees access to the Microsoft Office suite but give only one in 10 employees a PDF productivity tool.

The Paper Problem, the PDF Solution

This lead to Nick explaining the risks of the paper-based office, starting with a startling statistic: An estimated 23 percent of security breaches involve paper documents—and that’s only for large breaches, the ones that make headlines. The stat for small breaches is far worse at 60 percent, which doesn’t get the same attention but represents a huge problem.

PDF plays a major role in alleviating the risk of breach and data loss. In the typical office where only a small percentage of staff have PDF tools, an employee will either need to edit a document in another format (e.g., Microsoft Word) or, worse, print and write by hand. They then find a colleague who has PDF tools and scan it back into digital form.

This outdated method leaves paper sitting on printers and scanners, bogs the team down in inefficient, unmanaged workflows, and results in unnecessary waste and cost.

“Users will know where they can make a difference. We’ve seen print reductions of up to 50 percent by arming offices with the right tools.”   —Nick Reeve

eSign a Crucial Tool

And now we get to the meat of the webinar, in which Nick draws a compelling picture of the role eSign can play in improving workplace security. Despite the fact that digital signatures are as legally binding as those on paper, 65 percent are still done with pen and paper.

In addition to being more secure, an eSignature solution allows users to track every element of a transaction—when you received the file, opened it, signed it, how long you read it, who you forwarded it to, and more. The power of eSign? It adds complete transparency to information, which is critical for meeting GDPR standards.

Jon agrees that tools like Nitro’s eSign are a pretty quick win for getting the right processes in place that can address paper-based workflows and are compliant by design. GDPR can be a real imposition on existing systems. Work smarter, not harder: Don’t just put a veneer on top of your current systems—change the way you do things to be compliant in the first place.

It’s All About Process

Adam emphasizes that a key element to a successful GDPR experience is efficient workplace processes. Baker Tilly was transitioning to the cloud and set to make additional improvements before the mandate came down—GDPR was the catalyst to take the next step and mobilize an internal task force across departments. It’s not just a tech issue, it’s communications, legal, customer service, and much more.

Nick adds that, in the midst of these digital transitions, PDF productivity tools are essential. Although these changes can be driven top-down or bottom-up, the most savvy stakeholders are the ones who use these products daily.

“End users get this, but CIOs seem to have no idea. The appetite to fix this has always been there, but the issue has been price point. … When you give tools to people who don’t have them, you reduce the risk and up the return.”  —Nick Reeve

Embrace the Journey

While closing up the conversation, Adam cautions companies to not get stuck on compliance. Rather, he says, organizations should invest in a process that can move them in the right direction—and ready to address concerns should they come up.

Nitro has taken this journey many times, Nick says, and the Nitro Productivity Suite can help deliver quick wins. Change can feel scary, but it doesn’t have to be—if you’ve got the right partner in your corner.
Watch the complete webinar and discover solutions for replacing outdated, time-consuming paper-based processes with secure, connected digital workflows. Watch the complete webinar and discover solutions for replacing outdated, time-consuming paper-based processes with secure, connected digital workflows.