Posted by Gareth Cutter on 22nd April 2009 to
Backup News The Information Commissioner’s Office (ICO) has found the British Council in breach of the Data Protection Act having lost an unencrypted disc of British Council staff details.
The disc, which contained the trade union membership details of 2,000 members of staff, was reported as lost by the British Council as soon as it realised the error had occurred. The ICO ruled against the council, although it recognised the quick report demonstrated clear concern for the importance of the data loss.
As a result, the ICO has required the council to sign a formal undertaking of reasonable data protection measures to keep sensitive information safe in future. “The Data Protection Act clearly states that organisations must take appropriate measures to ensure that personal information is kept secure,” commented Mark Gorill, assistant information commissioner at the ICO.
It’s especially important that Government institutions set an example for smaller businesses by protecting data from loss and corruption. The cost of either of these events occurring could be enough to drive a company out of business, and also have much wider repercussions for those whose data has been affected.
Encryption is especially important for all transfers of data, whether it be via online data backup or physical transportation as it prevents people accessing the data without the unique encryption key.
