LWC 24/7      Press      Articles      News      Careers    
 




Archives:
  • November 2007
  • December 2007
  • January 2008
  • February 2008
  • March 2008
  • April 2008
  • May 2008
  • June 2008
  • July 2008
  • August 2008
  • October 2008
  • November 2008
  • April 2009
  • June 2009
  • August 2009
  • October 2009


    • Labels:
    •

     RSS feed

    If you would like to comment, please review our privacy policy and send an email to comments@leewhiteconsultants.com.

    Comments will be moderated and can be edited for length and clarity.


    LWC 24/7 Blog

    27 October 2008

    Data Handling Procedures

    So, here we are again with another case in the series of data handling blunders. The recent careless use of personal data of the Luxembourg branch of Kaupthing bank confirms that proper data handling procedures are crucial. Email addresses of customers were leaked due to the misuse of email.

    Inadequately defined procedures for data handling can, and will lead to improper and careless handling of personal data. We've seen this occur countless of times. For example, not too long ago, 25 million records were lost by the HM Revenue and Customs and according to the investigation, the problem was not with individual workers, but due to the lack of processes for data handling.

    All organisations should have reasonable security measures to protect personal data from misuse, loss, unauthorised access, and abuse. These measures can be stated in a Data Handling Manual, and must be implemented in a way where all concerned parties are well informed of the handling procedures. It is simply a guideline for handling personal data that should and must be adhered to by all in an organisation.

    Unfortunately, in most companies, not only are such manuals non-existent, but where there is such a manual, it is usually collecting dust in some shelf and most employees and contractors are not even aware of or do not adhere to the manual. The other problem is the fact that lack of adherence is usually not noted or if it is, it is not reprimanded regularly - well, at least until a big foul-up happens and becomes the headlines of major newspapers.

    It is perhaps more than timely for organisations to draw up these guidelines and train their personnel, ensuring regular audits to maintain adherence - in addition to appointing data protection officers and registering processes of personal data.

    If you would like some help in customising a data handling manual, please review our privacy policy and then contact Lee & White Consultants.

    Labels: , , ,

    posted by A_Voice on Monday, October 27, 2008
    Comments: Post a Comment





    << Home

    This page is powered by Blogger. Isn't yours?
     

      Contact

    Legal Notice - Privacy Policy  

    © 2003-2008 Lee & White Consultants®. All rights reserved.