DPL: Why It’s More Important Than Before

In October 2020, the DIFC Data Protection Law (DPL) came into effect across the UAE. Owing to the disruption of COVID-19, the DIFC Authority announced a grace period of three months to comply with the Data Protection Law. But now that time has well and truly passed, it’s time to start thinking about compliance and the protection of the confidential data you hold.

So, why is this more important today than ever before? In short, the answer is data. Data that now flows throughout every organisation and is becoming increasingly essential to success. But if not looked after in a secure and compliant way, that same data has the potential to be the undoing of any business, regardless of shape or size, owing to the sizeable fines handed out by the Commissioner.

To ensure your business doesn’t become the latest statistic or headline at the hands of the Commissioner, our infographic – 10 Steps to Data Protection in 2021 – explores some of the essential ways your organisation can protect your personal information in today’s data-driven world.

But in the meantime, we wanted to explore the pandemic’s impact on data protection and the DPL, and what this means for your business in a new world of work, where employees switch freely between home and office environments – and data only continues to grow in importance.

COVID-19’s Impact on the DPL

In the wake of COVID-19, the most pressing consideration in relation to the DPL is the fact that many of us are currently working from home. Which is a trend that is almost certainly here to stay even once offices around the world reopen, with many companies set to embrace a hybrid model of working.

In response, the way we physically stay compliant will change. For example, now there isn’t easy access to an office shredder, how should employees dispose of confidential documents? Our guide to secure remote work offers guidance on such short term challenges – and how to overcome them.

But longer term, organisations will need to update their policies to cover those small-but-important processes. In addition, it will be essential to educate staff and raise awareness of the risks, so that every person in an organisation has the confidence to handle and securely dispose of sensitive information, regardless of where they’re working.
Beyond the physical threats, this shift in ways of working has also effectively widened security perimeters from a single office to potentially the entire globe. With this comes the need to put data protection at the top of every business agenda, rather than being an afterthought in the data handling process.

Given the fact that the grace period has well and truly passed, failure to comply can no longer be an excuse. And while the crippling fines handed out by the Commissioner were once the talk of the town, the fact that COVID-19 has stolen the lion’s share of headlines in the past year or so, doesn’t mean businesses haven’t suffered eye-watering penalties.
But of course, it’s arguably the reputational damage that can have the biggest, most lasting impact on a business. In 2021, customers trust companies with their data – but once this trust is betrayed, it’s almost impossible to claw back. So, why run the risk of becoming a headline, or a business blacklisted in the eyes of the public?

Shred-it protects what matters and what matters to us is the security of your business. By following the simple steps outlined in our infographic, combined with our specialty shredding services, you can give your company every chance to prevent your personal information from falling into the wrong hands, at the same time as always ensuring compliance with the DPL.