Zurich Insurance found in breach of Data Protection Act

Zurich Insurance will improve data security by encrypting data following an Information Commissioners Office (ICO) ruling that the company breached the Data...

Zurich Insurance will improve data security by encrypting data following an Information Commissioners Office (ICO) ruling that the company breached the Data Protection Act.

The Swiss insurer lost the personal details of 46,000 British customers in 2008 when a back-up tape went missing when it was being transferred within South Africa.

Zurich, which called in KPMG to investigate, said there was no evidence that customer details had been used to commit fraud.

Stephen Lewis, UK branch manager at Zurich Insurance, has signed an undertaking to ensure that where any future movement of back-up tapes is required appropriate data security procedures, including the use of encryption, are in place.

"Zurich Insurance has committed to put in place controls to monitor and promptly report potential or actual data loss activity. The undertaking also requires that steps are taken to ensure staff and external contractors are made fully aware of security procedures and adequate checks are carried out on contractors' staff," said an ICO statement.

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close