More Data Security Issues
I came across an article this week which has alarmed me. It is about a speech expected to be given by Richard Thomas from the Information Commissioner’s Office, regarding the use of ‘Giant Databases’.
It highlights the fact that there has been a significant increase in data loss and that the databases getting lost are holding more information than ever before. In fact, most of them are in breach of the Data Protection Act! He is currently investigating 30 ‘serious’ cases where this has been the case within companies, councils, government agencies and central government.
These larger databases increase the risk of the information getting into criminal hands. Much of the information is irrelevant and should be removed and the risk is significantly increased when the database is moved between different agencies.
As we are all aware, there have been a number of reports of data losses in the news lately and I found some new statistics listed in the article. Apparently around 100 incidents were reported to the Commissioner’s Office between November 2007 and April 2008 and there were 277 in total in the year. These include breaches in website security and the theft or loss of computers and electronic storage media, such as memory sticks and CD ROMs. The NHS has reported the most incidents, 65 in total, 27 of which were lost or stolen computers. This number alone is as many as were reported by the whole private sector.
Here’s the really alarming bit. There is no legal requirement to report losses of personal data so, as bad as all these statistics are, the real figures are probably much higher!
Richard Thomas is expected to say that he believes companies who hold personal data should hold less of it if possible and take greater responsibility with the data they do hold. He also believes that companies who lose data should face tougher penalties. His comments are likely to be seen as a direct criticism of the Home Offices’ announced intension to record details of every phone call, email and text message sent in the UK.
To read the article, please use the following link:
http://news.uk.msn.com/Article.aspx?cp-documentid=10478193
More information on the Data Protection Act can be found here:
This entry was posted on Friday, October 31st, 2008 at 11:10 am and is filed under Articles, Business Advice, Data Security, IT Advice . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
