News

DSG credit agreements found in skip

Ian Grant

Electronics retailer DSG breached the Data Protection Act when eight completed credit agreements containing customers' personal and financial data were found in or near a skip at one of the company's PC World stores, the Information Commissioner's Office (ICO) has ruled.

A local authority's environmental health department found the documents, which related to transactions made two years earlier and had been kept longer than recommended by DSG's policies for holding personal data.

The company's normal procedure for destroying sensitive documents should have seen them transported in sealed containers to a central facility for secure shredding, but this did not occur.

DSG Retail CEO John Browett has signed a formal undertaking to prevent a similar breach. The steps include a review of security procedures and training staff how to comply with the company's security policies.

ICO head of enforcement Mick Gorrill said an important principle of the act was that companies kept personal information securely and only for as long as necessary.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy