DSG credit agreements found in skip

Electronics retailer DSG breached the Data Protection Act when eight completed credit agreements containing customers' personal and financial data were found...

Electronics retailer DSG breached the Data Protection Act when eight completed credit agreements containing customers' personal and financial data were found in or near a skip at one of the company's PC World stores, the Information Commissioner's Office (ICO) has ruled.

A local authority's environmental health department found the documents, which related to transactions made two years earlier and had been kept longer than recommended by DSG's policies for holding personal data.

The company's normal procedure for destroying sensitive documents should have seen them transported in sealed containers to a central facility for secure shredding, but this did not occur.

DSG Retail CEO John Browett has signed a formal undertaking to prevent a similar breach. The steps include a review of security procedures and training staff how to comply with the company's security policies.

ICO head of enforcement Mick Gorrill said an important principle of the act was that companies kept personal information securely and only for as long as necessary.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close