Firms ignore e-mail compliance

It's the red card for blue chips as almost one in 10 has admitted breaching e-mail compliance legislation.

European service supplier SCC has found that 87% of the 25 blue chip businesses it surveyed could not meet the requirements of the Data Protection Act or Sarbanes-Oxley.

None of the organisations, which included financial, legal and retail firms, had a fully compliant e-mail policy in place, even though more than half had experienced compliance-related problems in the past.

A separate survey of 100 CIOs by e-mail compliance vendor Cryoserver confirms companies' apathy towards tackling e-mail problems. In the last year, 68% needed to retrieve e-mails to resolve a compliance issue. Despite this, 80% had little or no confidence that their e-mail systems now complied with regulation.

Paul Eccleston, UK business solutions director at SCC, warned that ignorance about e-mail compliance would not be accepted as an excuse by regulators. "Organisations need to take a more assertive approach towards tackling compliance. Liability in most cases remains with the data owner, so it's in a business' interest to ensure senior employees implement secure e-mail management systems," he says.

"With fines of up to £3m and criminal penalties of up to 20 years, this issue should be at the top of businesses' agendas."
