28 May 2010
The Information Commissioner's Office (ICO) has received over 1,000 reports of data breaches or losses since it was set up, and has issued a stern reminder that organisations must ensure that data is well protected.
Deputy commissioner David Smith said that the majority of the losses were the result of human error, and that companies need "extra vigilance" to stop data ending up in the wrong hands.
"Staff must be adequately trained in the value of personal information and how to protect it," he said.
"Organisations should have clear security and disclosure procedures that staff can understand, and these should be properly implemented and followed by staff."
The NHS remains the biggest culprit with 305 reported incidents of lost or stolen data, followed by the private sector with 288 incidents. Details of all incidents are available in the ICO Security Breaches Report (PDF).
Smith also pointed companies to the ICO Data Protection Guide, which includes tips for avoiding wrongful disclosure.
However, Chris McIntosh, chief executive at encryption firm Stonewood, suggested that merely prompting organisations to train staff is not enough, and could leave employees facing the blame for any future losses.
"Organisations can say that they are putting into effect firm policies to protect data, but this report shows that, unless they match this with positive action, they will be doing nothing more than shifting the burden of responsibility onto employees," he said.
"It will be interesting to see what reaction there is to this report."
Do you agree?
Concerns still remain
Despite persistent warnings from the ICO, the threat of large fines, and irreversible reputation damage, personal data is still being lost by businesses. We recently undertook research at Infosecurity Europe, which revealed major concerns still remain over the safety of data sent via email. 93 per cent of respondents said they were "very" or "somewhat concerned" about the potential for private or personal information within an organisation to be inadvertently leaked via email. This is despite the fact that nearly two thirds of those surveyed (64 per cent) said that their company fell under some kind of data protection regulation that required special procedures, such as encryption, on certain types of email. Enterprises have a pressing need to adhere to regulations that require special handling of sensitive information in emails, and require automatic methods for ensuring compliance. Businesses are increasingly turning to data loss prevention, email encryption, compliance and eDiscovery solutions in a bid to meet these increasingly complex data privacy requirements and ensure their own peace of mind when it comes to the security of the information held in email communications.
Posted by: Ken Yearwood, director NEMEA at Proofpoint 07 Jun 2010
1000? Data breaches
Until the ICO start to get tough on the organisations that lose the data they will keep on losing it. Smack them with a f'ng great fine and maybe they will treat it with more respect.
Posted by: John. 31 May 2010