ICO feat: Prudential

Prudent: cautious, discreet and sensible.

Prudential: involving or showing care and forethought, typically in business.

Ironically, given the meaning of their name, Prudential have recently been fined £50,000 by the Information Commissioner.

Usually we hear stories of how companies have lost data. However, Prudential is setting the mark for future organisations being the first to be fined for not losing data but not using it correctly.

It has recently been reported that two customers have been confused with one another for 3 years, resulting in one receiving the other’s retirement savings.

In this case the concern lies with the consistency in this error. In 3 years, even though it had been brought to Prudential’s attention by the ICO, the issue was not resolved until recently which consequently draws my attention to the level of internal error. The lack of:

  • communication
  • effective processes
  • telecommunications
  • protection of customer files
  • access to the customer files

“Inaccurate information in a customer’s record can have a significant impact on someone’s life” Stephen Eckersley, ICO is absolutely correct.

Now, whilst this has been resolved and Prudential have graciously accepted the fine and found the root of the cause was with an external financial advisor, this is a case for other organisations to learn from. Human error can occur regardless of your job position, your level of experience or expertise, but it is important to ensure that those providing third party services to you and your organisation, that their services or work check’s out with the policies of your organisation.

 Adopting an information security management system and aligning it to the international best practice standard, ISO27001, will help an organisation to maintain the Confidentiality, Integrity and Availability (CIA), of its information assets. The INTEGRITY of Prudential’s data being the weak link in this example.

 IT Governance can help you and all of your compliance needs for a fraction of the cost of £50,000. Hindsight is a wonderful thing, and we have all said it – ‘Ahhhh if only I’d known what I know now…’ thing is WE ARE NO SECRET. We exist and can most definitely help you to avoid such a costly ‘d’oh!’ 

It costs nothing to drop us an email and ask away.

Email servicecentre@itgovernance.co.uk or call 0845 070 1750 today.