Security Basics mailing list archives

Fwd: SMEs routinely breach the Data Protection Act


From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 8 Jun 2009 09:11:31 -0400

From the folks at Attrition and the DataLossDB.

---------- Forwarded message ----------
From: security curmudgeon <jericho () attrition org>
Date: Jun 8, 2009 6:49 AM
Subject: SMEs routinely breach the Data Protection Act
To: dataloss-discuss () datalossdb org, dataloss () datalossdb org

 http://www.securitypark.co.uk/security_article263145.html

 SMEs routinely breach the Data Protection Act - (08/06/2009)

 According to a survey of over 500 small and medium businesses conducted by
 BSI, almost one in five businesses has unwittingly breached the Data
 Protection Act (DPA) at least once. Of these, nearly half said they had
 breached the Act on several occasions and an additional 18% said they were
 not sure whether they had or not. A breach could refer to the illegal
 transfer of information to a third party, failure to hold information
 securely or neglect of other legal obligations.

 The survey provides a snapshot of how UK businesses manage the personal
 information they hold on staff and customers, including sensitive data
 such as racial or ethnic origin, trade union membership and criminal
 proceedings. It was carried out to mark the publication today of a new
 British Standard on data protection which will help organizations put in
 place a framework for maintaining and improving compliance with data
 protection legislation and good practice.

 The survey also found that:
 * 65% of businesses provide no data protection training for their staff.
 * Nearly half of those surveyed admit that there is no one in their
 business with specific responsibility for data protection.
 * 15% of businesses are not confident that their data sharing practices
 conform to the DPA and worryingly, almost 5% of these frequently share
 data regardless.
 * 18% of businesses said that data protection is less of a priority in the
 current economic climate.

 [..]
