Skip to main content

Sharing company files

In an time where information is exchanged faster than ever, understanding how to navigate the sharing of personal data without compromising security and privacy is critical. Sharing personal data is part of responsible processing of personal data. This blog explores data sharing best practices that can help you share information effectively while protecting the personal data you hold.

Sharing files within your company safely

Even when you just share personal information within your company, you must make sure you take steps to protect people’s privacy. Here are some general rules to follow:

  • Share personal data only on a need-to-know basis
  • Use strong passwords to protect the accounts you use
  • Don’t send personal data in regular emails or messages without encryption
  • Make sure everyone on your team understands how to protect your data

Start your GDPR cleanup where it is needed the most

Sensitive data can tends to accumulate in the employees' e-mails. With a GDPR Risk Scan from DataMapper, you get a report that shows any potential GDPR risks in the company's e-mails.

Sending personal data by email

Sending personal data by regular email is generally not considered safe. Email messages travel as plain text. This makes them easy for hackers to intercept, then read the contents or steal attachments.

People can also forward or reply to emails, instantly copying and sharing the data with someone else. Whether intentionally or unintentionally, it is all too easy for personal information to be sent to multiple people who don’t need to see it.

There are a few things you can do to make email safe:

  1. Encrypt your emails
  2. Use a secure email service or app
  3. Password-protect attachments that contain personal data

It is also important to verify the identity of the recipient and ensure that the email address is correct. This will help to minimise the risk of unauthorised individuals accessing personal data.

Risks of sharing personal information online

Sharing personal data online always carries a certain measure of risk. Indeed, the risk is still there even if you are just sharing data with your own team. Here are some of the risks of sharing personal information online that you should be aware of:

Identity theft
Protect personal information like names, addresses, and ID numbers to prevent people from stealing your customers’ identities.  With just a few pieces of personal data, a hacker can open credit accounts, take out loans, or even file fraudulent tax returns.

Fraud and scams
There are lots of other types of fraud and scams out there. Phishing scams are the most common. Phishers often send emails that appear to be from someone you know, tricking you into clicking a link or giving away sensitive information.

Harassment and stalking
Personal information shared online, such as someone’s location, phone number, or email address, can also make them a target for cyberstalking, harassment, or even physical harm.

Reputation damage and fines
Whether someone on your team unintentionally leaks data or your company falls victim to a hacker, it will affect your reputation and potentially cost you large fines.

Get our Newsletter!

In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.

When you sign up for our newsletter you get a license for one user to ShareSimple, which will give you a secure email in Outlook. This special offer is for new customers only, with a limit of one freebie per company.

Safe email add-ins

A safe email add-in is a software extension that can be added to the emails you already have to enhance its security features. For example, it can add encryption, two-factor authentication, consent, and more to your email.

Try ShareSimple →

Sebastian Allerelli

Founder & COO at Safe Online
Governance, Risk & Compliance Specialist
Follow me on LinkedIn to get tips on GDPR →


How to handle sensitive personal data


How to find personal data with datamapping tool


How to prepare for a data audit