Data Protection Compliant Fax

The EU’s new General Data Protection Regulation (GDPR) came into force in May 2018.

The rules increase privacy for individuals and give authorities greater powers to enforce data protection laws and take action against any organisations that commit data breaches.

This is a major area of concern that has been highlighted to us in respect of organisations that are still using traditional faxes. The continued use of traditional faxes could mean that they will soon be in breach of the new GDPR.

The EU GDPR and faxes

In relation to the use of faxes the following elements of GDPR should be reviewed.

An individual’s personal data is to be protected at all times

Organisations that collect and manage personal information must protect it from misuse while respecting data owners’ rights, which are guaranteed by EU law. The new rules are being adopted to ensure that personal data receives a high standard of protection with the EU’s boundaries.

In many organisations, traditional faxes cannot adhere to this requirement because they are often sent to a communal fax machine and not directly to an approved individual. They are not encrypted and nor are they logged.

In any transmission of data between two traditional paper faxes containing there are two copies of an individual’s personal private data, meaning the system is too easily open to breaches of privacy and abuse. Faxes can also often go missing or get misplaced, particularly where a number of faxes are being sent/received on the same machine. This represents a huge to organisations.

Individuals may request all data kept on them (in a portable format)

Under the GDPR, anyone can request a copy of all data that an organisation has on them. Any individual can request copies of all the faxes that have been sent or received, which contain data on them. This presents significant hurdles for organisations still using traditional paper faxes, in terms of them being able to collate, store, search and issue hard copies in a portable format.

Traditional faxes are not GDPR data compliant

If your organisation still uses traditional analogue paper faxes to share personally identifiable information, then you could soon be at risk of violating GDPR and receiving a heavy fine when the regulations come into force on 25th May, 2018.

The data sent via analogue faxes is not logged and information can be read by anyone, so a breach can happily all too easily.

Data requests have to be delivered in a timely manner, according to the new regulations. This is difficult if your fax archive is kept in hard copy paper form. Even faxes in a digital archive could prove problematic as they are images and, therefore, not searchable.

Our digital fax services

Security, privacy and protection

The digital fax services that we provide are fully compliant with the EU GDPR. They do not require the use of a fax machine; instead, faxes are sent and received by email, thus ensuring the privacy of the data is protected. Only authorised users with access to the email can read the faxes. All faxes are processed by the sender’s and recipient’s own organisations’ mail servers so that their faxes have the same level of privacy, protection and security as their emails.

Data requests

All faxes are sent and stored digitally. Therefore, they can be easily retrievable and supplied in a portable format, and within a reasonable time period, should an individual request a copy of all the data stored on them.

Data storage and transit

All of the servers that we use for transmitting and storage of our customers’ digital fax data reside in our secure data centres, which are all based in the EU – a requirement of the GDPR.

This enables the routing of data to be restricted to within the EU’s boundaries or any country that has been authorised as complying with GDPR. Where possible faxes are sent encrypted, if our customer’s servers support it – even cross-server transmissions within our own data centres are encrypted.

Set up and transfer of your fax numbers to Goldfish

Use of our digital fax services by our customers ensures they are fully compliant with the GDPR.

It is easy to set up and migrate your organisation from a traditional fax service to our digital fax-to-email service. You can keep and transfer your existing fax numbers to us seamlessly, without a break in service.

Penalties for non-compliance

The GDPR enacts tough new rules that allow authorities to penalise organisations that are non-compliant. Tough penalties can be imposed with fines of up to 4% of annual global revenue or €20 million (whichever is greater). With our digital fax numbers costing only €5 per month, can you afford to not move to digital fax?