The Information Commissioner's Office (ICO) has found eleven banks and other financial institutions in breach of the Data Protection Act after investigating complaints concerning the disposal of customer information. They were were all found to
have discarded personal information in waste bins /receptacles outside their
This is a clearly widespread problem. The ICO points the finger at HBOS, Alliance & Leicester, Royal Bank of Scotland, Scarborough Building Society, Clydesdale Bank, Natwest, United National Bank, Barclays Bank, Co-operative Bank, HFC Bank, Nationwide Building Society and The Post Office. It must be seen as a major wake-up call as the guilty parties are all respectable organizations with sizeable security budgets and functions, ones that are more likely to be leaders rather than laggards in security. If these companies can't get it right then it's highly likely that your organizations are also at fault. And there's no excuse. It doesn't require expensive technology, just a clear policy and firm enforcement.