All the latest UK technology news, reviews and analysis
|
|
|
23 Jan 2012
The Information Commissioner's Office (ICO) has been forced to take yet more action against private sector firms for lapse data handling procedures involving misdirected emails and unencrypted USB sticks.
The first incident concerned employment agency Manpower and involved a member of staff accidentally sending an email containing data on 400 individuals to 60 members of staff.
An investigation by the ICO found that, while the data appeared not to have been compromised, the firm had failed to properly consider the best way to transmit sensitive data among staff.
"The data controller had not given sufficient consideration to the security of the personal data compromised and had sent all data to the employee involved rather than only that which was required," it said in its undertaking.
"It was also discovered that the data had been transmitted over the internet without protection."
The firm has now agreed to ensure that all staff are fully trained on the correct way to handle sensitive information and that it will be sent with password protection or encryption if sent over the internet.
An ICO spokesperson added that the case highlighted the importance of having adequate procedures in place before personal information is disclosed
"Checking and double checking that information is being sent to the right recipient is a simple measure and one that could have prevented this data breach," they added.
The incident follows on from an undertaking the organisation issued after an employee working for mental health care provider Praxis Care lost an unencrypted memory stick containing personal details on 160 individuals.
The firm signed an undertaking agreeing to ensure such data was encrypted in the future and it said it was "confident that the measures taken will greatly reduce the risk of future information loss".
Unencrypted memory sticks are one of the most common causes of data loss in both the private and public sector with the ICO regularly forced to take action in such cases.
Latest stories from Law
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
On behalf of our client, a major player in the pharmaceutical...
Qualifications & Skills - Previous development...
Harvey Nash is currently recruiting a senior project...
URS supplies integrated engineering, environmental and...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?