ICO plea to business

Careless, inexcusable and horrifying are the three adjectives used by Richard Thomas, the UK information commissioner, to describe the recent proliferation of security breaches.

Mr Thomas added: “Business and public sector leaders must take their data protection obligations more seriously.”

You can read the full article here.

The annual report itself (available from www.ico.gov.uk) makes some serious points. The following paragraph within the introduction sets the scene

How can laptops holding details of customer accounts be used away from the office without strong encryption? How can millions of store card transactions fall into the wrong hands? How can online recruitment allow applicants to see each others’ forms? How can any chief executive of a bank face customers and shareholders and admit that loan rejections, health insurance applications, credit cards and bank statements can be found, unsecured, in non-confidential waste bags?

It may all sound a bit hysterical but given that more than 10% (or around 5000) of complaints received by the ICO last year related to alleged compromises of personal data then one can understand why the point is being made so strongly.