data protection act Archive
The Data Protection Act (‘DPA’) in the UK is a cornerstone of IT and information-related legislation. It applies to all organisations that collect or hold information about living individuals. Most organisations would claim that they comply with the DPA. The reality …
I did a presentation earlier this week at NITES, in Ireland. My topic was data protection and governance. I took the opportunity to make a number of linked points: We already have data protection legislation in the EU and US; These …
Apparently, we’re today kicking off the UK National Identity Fraud Prevention Week – and research for RSA reveals wide-spread disbelief (as in, 90% of Britons) that their personal data are safe with banks and retailers, and half the people think that not enough is done …
Virgin is a strong brand, so a welter of stories describing Virgin Media’s breach of the Data Protection Act, when it lost an unencrypted disc containing the details of some 3,000 customers, would not have been part of the PR strategy. As …
I wish that I was surprised by Logica’s survey findings, that 57% of firms had ‘no understanding of the impact of a security breach on their organisation.’ And the sad fact is that, in a number of these ‘unaware’ organisations, …
Search Security published this, on 29 July 2008: Last week, the MoD was forced, in an answer to a parliamentary question, to admit that during the last four years, 658 of its laptops were stolen, and another 89 lost. Only …
Well, I did say, when the government blamed the HMRC data loss on the failure of some junior member of staff to observe the rules, that if the truth were ever to emerge, it would be that HMRC suffered from …
The UK government claimed that the person who burnt the HMRC child benefit database to a disc and mailed it to the National Audit Office (NAO) was a relatively junior civil servant who had breached rules and would be subject …
While one swallow might not make a summer, multiple breaches of one particular law (Information Commissioner: “we are already investigating two other breaches”) do rather suggest that the organization concerned has little interest in compliance with it. Her Majesty’s Revenue …
If UK companies are still struggling to get to grips with the Data Protection Act (1998), then just think how far they still have to go to get to grips with the rest of their data security requirements!
