New rules on Data Breaches
22 August 2011
Businesses of all sizes that store customer data are being warned by the European Commission that they will soon be forced to publicise any data breach they might suffer, running the risk of destroying their company’s reputation.
The European Commission is making changes to data protection laws that are expected to be introduced over the coming months. European Union justice commissioner Viviane Reding announced at the recent British Bankers' Association (BBA) Data Protection and Privacy Conference that the laws would force all businesses, especially those in the financial sector, to take data protection more seriously.
Although many businesses are conscious of their confidential data responsibilities and have data protection policies in place, more can still be done.
This move, coupled with the fact that the Information Commissioner’s Office is now imposing fines of up to £500,000 on companies found guilty of breaching the Data Protection Act, is causing businesses to sit up and take notice.
Anthony Pearlgood, commercial director of national shredding company PHS Datashred, and former Chairman of the BSIA’s (British Security Industry Association) information destruction section, said:
“Destroying confidential customer data in every type of business is now a legal and Europe-wide necessity. The alternative is daunting - loss of faith, brand damage, breaking the law and the risk of a hefty fine. Companies, especially those in financial services, must start thinking about making data destruction a top priority in offices, factories and warehouses throughout the country.”
Tips to prevent data leaks in your business
1. Create a confidential data policy – if you don’t have one, you are already in the high-risk category for being a victim of data theft.
2. Store & dispose of data safely – don’t assume that binning it is the end of the matter. Criminals often rifle through bins in car parks where confidential data has been poorly disposed of.
3. Destroy data properly – arrange for a properly accredited company to help store, collect and securely destroy information. Ensure you know where your data is heading. Even better, have your data destroyed on site, using a mobile shredding vehicle, and watch the destruction.
4. Check identities – use credit reference agencies to verify the identity of your preferred suppliers.
5. Secure your accounts – don’t allow bank details to escape into the public domain. Thieves are adept at falsifying signatures.
6. Inform staff – train staff on how to deal with confidential data properly and monitor their behaviour. Remember, most fraud is committed by people who work within the organisation.
7. Beware of carrying large amounts of confidential data on unencrypted laptops, data sticks or mobile devices such as Blackberrys and iPhones. These small portable gadgets are magnets for thieves who can exploit your confidential information.