Information security company Shred-it has released a new online self-service tool designed to support businesses on their journey to General Data Protection Regulation (GDPR) compliance.

GDPR Manager follows guidance from the Information Commissioner’s Office (ICO) and meets its expectations by demystifying the complexity surrounding compliance.

 The tool guides users through a six-step process, from initial assessment to creating a manageable action plan.

The launch follows recent survey findings in Shred-it’s 2018 State of the Industry Report that 22 per cent of small business owners were totally unaware of the GDPR’s implementation.

Furthermore, only 39 per cent of large organisations had updated their procedures for detecting, reporting and investigating a data breach.

One of the most crucial aspects of compliance is being able to demonstrate how a company acquires, manages, stores and destroys personal data, or Personally Identifiable Information (PII).

“All organisations that collect, process and store PII must now put in place technical measures to manage the transparency and consent requirements of the new regulation,” said GDPR SaaS business manager David Hagelthorn.

“However, our 2018 State of the Industry Report highlighted that just 44 per cent of large businesses and 19 per cent of small businesses have documented a lawful basis for processing data.

“By adding GDPR Manager to Shred-it’s compliance portfolio, we are further showcasing our drive to help businesses both large and small protect what matters to them most - their reputation, their people and their customers’ data.”

The GDPR Manager tool enables businesses to take a holistic approach to data security and privacy.

The platform is mapped to the relevant sections of the GDPR and facilitates ongoing accountability to data protection principles.

It features best practice guidelines, analysis tools and a library of legally vetted sample policy and procedural templates all accessible 24/7 from any location and on any device.

With data management now in sharp focus, the online tool gives a company the ability to prove how it manages its data, critical to ensuring compliance with the GDPR.

By having all the data and procedure management information in one place, a company can demonstrate accountability within one hour which, according to the ICO, is a key requirement.

“As a result of developing this tool to meet the expectations of the ICO, purchasing and using GDPR Manager will help demonstrate that a company is working towards compliance,” said Hagelthorn.

“We all know the large fines and potential ramifications of non-compliance, so we’re excited to be able to provide our customers and other businesses with a clear and structured pathway to GDPR compliance.”