Do businesses that send physical mail need to worry about #GDPR compliance?
Here’s everything you need to know
What Mailers Need to Know About GDPR Compliance
Is your mail process GDPR compliant?
Many mail compliance technologies and best practices can help businesses stay on the right side of any regulation.
What Mailers Need to Know About GDPR ComplianceEuropean businesses have had May 25, 2018 marked on their calendars for at least two years. That’s the compliance deadline for the General Data Protection Regulation (GDPR), a new set of standards meant to protect European consumer data. GDPR imposes strict requirements for data protection and steep fines for noncompliance: up to €20 million or 4 percent of annual revenue.
One of the key aspects of GDPR is that it strengthens the conditions for user consent to data processing and communications. In other words, companies have to ask their customers if they are okay with the business processing their data and communicating with them, and it has to be done in clear, plain language. No long, “terms and conditions” style legalese.Even though the regulation is European, it doesn’t only apply to Europe-based businesses; any company that does business in Europe is subject to its requirements.
So, if you’re a U.S.-based enterprise with European customers, or if you have a subsidiary based in Europe, you need to be compliant as well.
Similarly, it’s sometimes assumed that the regulation only covers digital communications like email. But GDPR’s objective is to protect all personal data, including email addresses, names, photos, bank details, medical information and more.
You may collect much of that data digitally, but the minute you print it on a piece of paper and mail it to a customer, you have to make sure you have the customer’s permission to communicate about that information with them, and that you’re adequately protecting their data in the process.
The bottom line is that mailers need to be cognizant of their communications to be sure they don’t run afoul of this particularly stiff regulation. Fortunately, many mail compliance technologies and best practices can help businesses stay on the right side of any regulation, GDPR included. Here’s what you need to know.
Automated Job SetupAchieving mail compliance is all about satisfying three basic requirements:
Proof of content: The content in every mail piece is accurate and compliant.
Proof of production: Each mail piece is accurately compiled, labeled and produced.
Proof of induction: Every mail piece is mailed correctly, including induction, at the right time and in the right place.
Work starts in the print and mail operation, and here, compliance is easier to achieve when technology and human intuition is working together to achieve the best results.That’s why it helps for print and mail operators to have visual confirmation of everything they need to complete a job, and that’s available through automated job setup.
This capability automatically loads information for inserts and mailing envelopes at multiple levels.At the start of a job, the system will display pictures of all items intended for the job to give the operator a visual verification that the correct materials are being used.
From there, automated scanning verifies elements of the mailpiece throughout the process, meaning that along the way you’ve got every opportunity to ensure that nothing is out of place.
File-based Processing and 2D barcodes
Speaking of tracking, the best way to maintain mail compliance is to use a mix of file-based processing and 2D barcodes to match every page of every document that you send with the correct envelope.It starts with the 2D barcode, which allows for even more data to be attached to a document than methods like the optimal mark recognition (OMR) or the 1D barcode. A 2D barcode is added not only to the outside of the envelope, but to every single page of the document inside that mailpiece.
With file-based processing, everything associated with that mailpiece is tracked throughout the entire mail processing lifecycle. If, for example, a single page of the document is lost somewhere in the mail insertion process, then the system will know about it and correct it before that mailpiece is able to move to the next stage. In other words, no mailpiece ever leaves your mail center until you’re absolutely sure that every part of every document is in the right envelope.
This helps you avoid costly errors, like sending sensitive personal information to the wrong recipient. Importantly, file-based processing also ensures that the actual content of the mailpiece is never exposed to a mail center operator during the process.
All of the records associated with the job are sent to the mail inserting system in a single file, and the documents are automatically scanned, verified and inserted without human intervention. That ensures that private information stays private.2D barcodes also offer tracking after the mailpiece leaves the building, which means you can verify that it has reached its intended destination.
In 2018, a large North American insurance provider settled a multi-million dollar lawsuit as the result of an envelope error that exposed sensitive healthcare information for more than 12,000 policyholders. Envelopes with an oversized window were mistakenly used during the production process making it easy for anyone to read private information on the documents within.
How do you avoid this type of error and ensure that the right envelope is loaded for each piece within a job?
For sensitive communications, it’s best to only use plain, closed-face envelopes with only the recipient’s name and address printed directly on the outer face. Once again, you can print a 2D-barcode directly on the outer face of the envelope (and the content within) to ensure that the right documents are inserted into the right envelopes for every mailpiece in a job run.
High-quality Inkjet Printing, Print quality is also important; imagine the impact of an printing defect that results in an account number or barcode being cut off or printed incorrectly on a document. Suddenly, a sensitive mailpiece might accidentally end up in the wrong envelope and delivered to the wrong household, resulting in a potential compliance risk.
High-quality color inkjet printers address data integrity right at the point of production, not only making sure that the data printed on the front of the envelope is correct, but also by enabling flexible printing capabilities that can improve accuracy throughout the process.
Look for a digital printing system that’s capable of assigning unique barcodes or implementing tracking information. Not only will you avoid simple yet costly mistakes, but you’ll also limit re-work, which stalls productivity and delays timely mailings.
Turn GDPR Compliance into an Opportunity
While many businesses might see mail compliance as a burden or a threat, the truth is that it can also be used as a competitive advantage.
For enterprises, customers want to work with companies they can trust, and for mail services providers, the ability to offer GDPR compliance can attract business: 21 percent of businesses say they’re considering outsourcing their print communications to an external provider that can offer better security and compliance protocols.
At the very least, integrity in the print and mail process will ensure you can get a better night’s rest knowing that your communications aren’t leaving you at risk for costly compliance breaches.
You can learn more about what print and mail operations need to know about GDPR from the Pitney Bowes on-demand webinar.
You can also download the Pitney Bowes eBook, “Maintaining compliance, managing risk,” to find out what it takes to achieve print and mail compliance. And, learn more about the production print and mail solutions that help mail operators be more competitive and maintain compliance.