IT Governance Ltd, the global leader in DPA compliance information, standards, books, tools and training, is urging organisations to help their staff understand the data protection requirements and adhere to these. By integrating some simple, but effective resources into their work practice, organisations, especially those handling personal data, can reduce human errors and avoid data breaches.
At the beginning of December the Information Commissioner’s Office (ICO) issued his largest ever fine for a breach of the Data Protection Act (DPA). Powys Council was fined £130,000 after details of a child protection case were sent to the wrong person. The recipient of the email knew the identities of the parent and child.
In a separate incident, reports from child protection cases were sent to a shared printer, and were mistakenly picked up. These incidents follow on from another breach of the DPA from Powys Council last year.
In order to improve staff awareness of the DPA requirements, organisations can take advantage of the Data Protection Staff Awareness e-learning course from IT Governance which is a quick and effective means of delivering staff DPA training. This non-technical course will help staff understand their responsibilities in regards to data protection. User licenses can be bought online here www.itgovernance.co.uk/products/3392. Organisations who buy 10 DPA single user licenses in December will receive a set of DPA posters free.
Staff who use portable devices to carry personal data with them should be particularly aware of the risk they take. The ICO has made it clear that staff shouldn’t be using non-secure devices. Any company that doesn’t do this is in risks of a data breach and can suffer heavy fines and reputation damage as a result. An enterprise-level secure USB stick, such as the SafeStick, by default, should be the only USB stick used within any organisation.
The CESG-approved SafeStick is an enterprise-level secure USB with encryption hardware. It is the preferred government and enterprise USB stick, and the one chosen by the UK's National Health Service (NHS), with over 1 million already in use.
The SafeStick makes it easier for organisations to ensure that their confidential data is protected. It includes lockdown protection and remote wipe, so confidential data will never be exposed. Moreover, any personal information saved on it is protected, as required by the DPA.
The encryption function of the SafeStick is also in line with the ISO 27001 control A.10.7.1. It specifically deals with management of removable media and any organisation implementing this control must (amongst other things) use encrypted memory sticks.
Organisations can order the SafeStick online here: www.itgovernance.co.uk/products/3641 . Organisations who buy 20 SafeSticks in December will receive a set of DPA posters free. Bulk volumes can be purchased directly from the friendly and helpful IT Governance service centre team on telephone number +44 (0)845 070 1750. Larger organisations can make purchases with a purchase order either by telephone or by e-mail to email@example.com.