Loader

Data: You can’t afford to lose!

Secure data

Data: You can’t afford to lose!

It’s not just the government that’s guilty of losing sensitive data – a number of other organisations have transgressed recently. Here’s some advice to help you to stay on the right side of the law.

Grow your sales revenue with a proven approach to generating leads

Government departments have been in the news recently, following the loss of sensitive personal data – a breach of the Data Protection Act – but it’s not just the government that’s been negligent.

In recent months, the ICO (Information Commissioner’s Office) has investigated Skipton Financial Services and Marks & Spencer for not adequately protecting customer data on computers that were stolen.

In 2007, eleven banks were found to have breached the act by failing to deal properly with sensitive printed data, which was left outside their buildings with the office waste! Also in 2007, Nationwide Building Society was fined £980,000 by its regulatory body, the FSA, for inadequate data protection safeguards – again following a computer theft.

The ICO appears more inclined to warn than prosecute, but loss of sensitive data is clearly to be avoided. It should be treated as a matter of good practice not just a way to avoid prosecution, fines or bad publicity.

The ICO has produced a comprehensive ‘Good Practice Note – Security of Personal Information’, which may be found here and is well worth reading. The paper points out that risks stem from organisation, staff, physical access or computerisation factors. In summary, the note advises:

  • being clear about the risks of data loss and responsibility for data security in the organisation;
  • making sure that staff responsibilities are clear and that staff are alert to the risks and consequences of data loss (a high proportion of data security incidents are staff related);
  • taking steps to manage physical security, including building access and storage of physical data in the office;
  • implementing a range of policies around access to and management of computerised data, such as data encryption, password security and control of data taken out of the office.

More information about the ICO and the Data Protection Act may be found at www.ico.org.uk.

Increase your sales and marketing impact contact us now.