If the news that LinkedIn was hacked wasn’t alarming enough for consumers, businesses were also left reeling this week by the news that the UK ICO handed out the largest ever data breach penalty. Brighton & Sussex University Hospitals NHS Trust were fined £325k after patient data was sold on eBay.
Alarmingly, incidents like this are on the rise. Now is the time for UK organisations to act and reflect on their procedures for keeping sensitive consumer and patient data safe and secure.
Here we share our top ten tips:
- Know where it is. Today’s workplace is no longer tied to a single location. Meetings, training events, business trips and working from home mean that an increasing amount of sensitive data is in motion. Do you know which devices in your organisation contain sensitive data and where they are?
- Know who has access to it. What are your security procedures for access to your sensitive data? Who in your organisation has access to what and why?
- Encrypt it. Encryption keeps data confidential when a computer or storage device is lost.
- Control it. Your IT department should have total control over who can attach what to computers and which programs can run.
- Plan it. Have robust procedures in place for reporting lost or missing data – employees should feel comfortable reporting a breach, know how to report one and who to report it to.
- Define it. Be clear with employees about what does and what doesn’t constitute sensitive data. Collaborate with employees and educate them on what data they need to secure and how to secure it.
- Disaster Recovery – make it swift and act fast. Have a plan in place to recover the data and communicate efficiently.
- Keep it simple – data protection should be easily managed and fit seamlessly into your existing IT infrastructure.
- Remote action – according to The Telegraph, Londoners lose 10,000 mobile phones a month in the back of cabs! It should be easy to disable lost devices remotely should a breach occur and sensitive data go missing.
- Don’t wait. Act now. Data security should remain a primary concern for most businesses and should be carefully managed to avoid key company data being compromised and substantial fines being imposed as a result.
To speak with a solution expert from our team about your data protection needs, please contact us on 020 8783 3800 or email us at firstname.lastname@example.org.