I was reading through a press release that slightly alarmed me after it emerged that credit card details of hundreds of guests at an exclusive hotel were found dumped in a skip.
The Information Commissioner's Office (ICO) said the hotel may also have breached the Data Protection Act by wrongly disposing of the cards, understood to include those completed by a number of MPs.
I agree that there was certainly a procedural lapse to ensure the security/confidentiality of customer's personal details. I cannot overemphasise the need to comply with the Data Protection Act 1998. In particular, the seventh data protection principle states that:
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
To see further guidelines, see the Information Commissioner's website.
No comments:
Post a Comment