The Data Protection Act has got everyone talking and not for the right reasons – two high profile suspected breaches of the Act have taken place within a couple of days.
Virgin Trains and Richard Branson have found themselves being investigated by with the Information Commissioner’s Office (ICO) after they released CCTV footage from one of their trains into the public sphere.
Without going into too much detail surrounding the politics, Virgin Trains released CCTV footage in order to try and disprove a claim by the Leader of the Labour Party, Jeremy Corbyn, that their trains were overcrowded – stating that he walked past plenty of empty seats before filming his vlog on the floor of a carriage. Ultimately, this led to the latest political scandal, dubbed Traingate.
The second case involves Whatsapp sharing data with its sister company, Facebook, in order to improve targeted advertising on the free chat service. Both companies are also under investigation by the ICO due to the worry that there is a lack of control of the data shared. Users will be unsure of what is exactly going to be shared between the two companies.
Data Protection is becoming a bigger issue online due to many people being uneasy about their information being used without their consent. In a world where everything can be shared online to millions via social media, we must remember that people still value their privacy.
What should businesses do?
Inevitably within business, information will have to be shared. Yet, everyone within the organisation must be aware of the kind of data being handled and the repercussions if this data is breached. No one wants a Data Protection scandal lingering over their heads.
First and foremost, businesses need to be aware of the eight principles of the Data Protection Act. These principles are the cornerstones of data protection and ensuring that data is not lost, stolen or copied without consent. If the people at the top of the tree aren’t aware of and on board with these principles, then it will be impossible to spread the message down to employees. This is where companies fail.
Data Protection needs to be seen as a serious issue and not an afterthought to fill quotas.
The human factor should not be underestimated. With this in mind, businesses must ensure that their staff are trained in the principles of the Data Protection. Failure to do so could lead to sensitive information being leaked, which will damage the organisation’s reputation and could lead to financial consequences.
Bob’s Top Data Protection Tips
- Make sure that whoever is in possession of the data understands they are responsible for it.
- Do not throw away data in the bin unless it is securely locked or it has been shredded.
- Encrypt all your sensitive data – use two-step authentication to add an extra layer.
- Always verify a customer’s identity when a request for personal information is made.
Bob’s Module of the Month
Our Data Protection training module will ensure all staff are aware of every principle of the Data Protection Act so they handle data with the care. The module will walk users through the different types of data, the precautions that need to be in place and how they should dispose of information once they have finished with it. End users must be aware of the principles that make up the backbone of the Data Protection act, so our bite-sized module is the perfect solution.