Sunday, February 08, 2009

DS Breaches

According to the latest findings, data breaches appear to become a common occurence:

The personal information of UK citizens is being lost and stolen at an unprecedented rate, the UK’s privacy watchdog said today. Nearly 100 data breaches were reported to the Information Commissioner’s Office (ICO) in the last three months alone, with millions of bank details, addresses, emails, private health information and employee salary statements lost or stolen in 2008. Data breaches jumped by 36 per cent last year, the ICO said. Personal information is now lost - on average - more than once a day.

In June, Virgin Media lost a CD containing private information on more than 3,000 customers while a hospital in Wembley recently had two computers stolen which contained the unencrypted details on 400 patients. Richard Thomas, the Information Commissioner, said it was “unacceptable” that private companies - responsible for 112 of the 376 data breaches last year - could not be investigated by the ICO without their permission.

Source: The Times, 8 Feb. 2009

Ensuring technical security standards by organisations is covered under the 7th data protection principle within the UK Data Protection Act 1998. Getting a privacy audit (or a privacy impact assessment test) of the organisation's technical security procedures would be a starting point. More details can be found on the ICO website.

No comments: