Firms must do more to protect data, survey says

UK Web sites comply with the Data Protection Act do so "more by accident than design" according to a survey for the Government's...

UK Web sites comply with the Data Protection Act do so "more by accident than design" according to a survey for the Government's Information Commission.

The survey of 170 sites found, "There is a general level of awareness of privacy issues but only in as much as they might impact the interests of the business."

Yet even the best Web sites "were not 100% compliant", according to the report by the Manchester Institute of Science and Technology (UMIST).

Security and data were the key areas of weakness flagged up by the UMIST survey. It found, "There was generally a low level of company internal security. In addition there was a low-level of system security, with encryption rarely mentioned or used."

Less than half the companies surveyed hold an offsite back-up copy of the data they have collected, according to the report.

On data retention, UMIST found considerable confusion about the Data protection Act. At least a quarter of the sites surveyed had no retention policy and the survey cast doubts on many sites' technical ability to set retention periods for certain types of data.

Almost half the Web sites surveyed did not post any type of privacy information and of those that did, only 5% could be understood by the average reader, according to UMIST.

Large companies and companies within regulated industry sectors, not surprisingly, showed a higher level of compliance than small and medium-sized businesses (SMEs).

The survey highlighted a series of difficulties facing SMEs. Only 37% of small companies have any kind of data security policy and SMEs are often not aware of the danger of unintentional misuse of data. Many small companies also wrongly assume that they are protected through their Internet service provider.

Read more on IT for small and medium-sized enterprises (SME)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close