When it comes to all business either in the EU or working with an organisation in the EU, both big and small, everyone is required to follow the rules of GDPR. The General Data Protection Regulations state that all businesses need a clear procedure of how they request, store, process and eliminate all personal data of employees and visitors.
One of the ways this data is used is with ID cards. Many companies use them not just for identification purposes, but also for access control. So, if this data is used by the wrong person, it could have a seriously damaging effect on the business.
Now is a crucial time to think about whether your ID card printer applies to these GDPR regulations or if you need to have a re-think about your strategy. So, to help with this, we have compiled a list of the key points to consider.
It is essential to ensure your ID card printer has physical security as well as your cards being secure. This includes thinking about who has access to the printer and what precautions you take when it is left unattended.
Who has access to your printer? Although this might not seem like a massive issue, the printer has personal data passed through it all the time and is imprinted onto the ribbon. So, it is a good idea to re-think about who is allowed to access this information. If possible, it is worth putting a password onto your printer as studies have shown that many employees take company and customer data when they leave, especially if their employer can’t stop them.
Many printers being produced now come with physical locks for the input and output hoppers and the ribbon. This ensures printed cards are secure and the ribbon that has vital information imprinted onto it, can’t be taken and tampered with. As well as this, secure printers are complete with a Kensington lock which enable you to attach it to office furniture to stop printer theft.
If you already have a printer, many of these can be easily upgraded to add on physical locks.
Choosing an ID card printer with security features will only benefit your company. There are a range of options so you can choose what is right for your business and dramatically reduce counterfeiting and copying.
- UV Ultraviolet – this is a discreet way of increasing security as it is not visible unless a UV is shone over it. This makes it very hard to be copied and you can easily tell if it is forged.
- Micro text – micro text is a microscopic text which is printed onto cards and can only be read with a microscope. It is very discreet and stops counterfeiting as it is unique to every card.
- Security stamp/Watermark – Holographic foil is laminated onto the ID card and is always visible so can be easily detected and helps stop duplication.
- Magicard have also introduced a custom Holokote® Watermark. This is where a frosted holographic image is applied over the top of the card and can be customised to show your business’ logo. This gives one of the highest levels of card security and assures legitimacy.
Outsourcing can be both cost-effective and save a lot of time, especially for smaller businesses. So, for many companies, outsourcing their ID card printing to a third party is the perfect solution. But GDPR regulations may make this option more difficult. If you do not know your third-party’s strategy on protecting personal data, or even if they don’t properly have one, this will not only put them at risk of a data breach, but your organisation too as you share the responsibility equally.
To ensure your business is not liable for any outsourcing issues, make sure whoever you partner with has a full, outlined GDPR policy and you clearly know how they will handle and destroy this data.
Very often the topic of staff responsibility doesn’t come into play in regards to ID cards. For example, when a staff member forgets their card, quite often a temporary one is given out without thought. But is it very useful to start thinking about this. How many temporary cards are given out without being handed back in? Admittedly, it won’t have any personal data displayed on there, but it allows access to departments that unauthorised members aren’t permitted to enter. So, it would be a good idea to keep better track of these and ensure they are collected in at the end of the day.
As well as this, what staff do with their ID cards at the end of the day should perhaps be taken more into focus. If they are taking them home, ensure they understand the consequences of sharing this sensitive data out. Perhaps it might even be safer to keep them in a secure locker at work.
Finalisation and Destruction
When an ID card is no longer required, it is not good enough to simply throw it away anymore as anyone could retrieve it. You need to have a proper action plan in place for the disposal of not just the ID cards, but also the printer ribbons and anything else containing personal data.
Adam Bennett is a hands on digital marketing manager for the UK’s largest ID card company, Digital ID. Adam specialises in creating high-performance content marketing and SEO campaigns with a key passion for writing.