Lock Up Your Data

Both HMRC and the MoD have been ordered by the Information Commissioner's Office (ICO) to comply with reports and recommendations into the separate incidents and provide regular progress reports on their implementation.  The reports concluded that the agencies were holding personal data that was excessive for the purpose for which they were processed.

In Novemeber 2008, the anniversary of the data breach by HMRC, the Conservatives released their own investigation report which found that, on average, one government computer a week goes 'missing'.  According to their report data losses include 53 laptops, 36 BlackBerrys, 30 mobiles, four disc drives and four memory sticks.

A few weeks prior to the Conservatives' report, the ICO published its position on Government data handling.  In his speech prior to the report's release, the Information Commissioner highlighted the risks associated with large databases, labelling information as a potential 'toxic liability' and called for tougher sanctins and the accountability of CEOs for data breaches.

Public concern over the security of its personal data is reflected in a recent decision by the European Court of Human Rights which ordered the Finnish governement to pay damages of 34,000 euros because it had failed to keep confidential a Finnish national's AIDS diagnosis.

So what can be done to protect personal and/or confidential data Under the seventh data processing principle of the Data Protection Act 1998, all organisations are required to have appropriate security measures to protect personal information against  unlawful or unauthorised use or disclosure and accidental loss, destruction or damage.

In terms of sanctions the Act has been amended by the Criminal Justice and Immigration Act 2008 to introduce tougher penalties for breaches of a data controller's obligations, including monetary penalty notices which the ICO may issue if it is satisfied that the data controller has committed a serious contravention of data protection principles.  Regulations settiing the maximum penalty have yet to be published but they will be sure to affect the private and public sector alike.

SOURCE: Spring issue of Moving Money magazine by Dr. Chris Payling, Law Firm Walker Morris.
 

ZebraHosts offsite data storage options can offer an economical and highly effective means of keeping your data safe.

Please call us on 0191 261 7555 to discuss it further.