Corporate |
News |
Poor data protection awareness
Poor data protection awareness
05 Nov 2010 - Is the Private Sector putting itself at risk?
Private sector companies are lagging behind the public sector on their knowledge of data protection, says the Information Commissioner’s Office (ICO).
The annual survey shows that just under half of private sector firms said, unprompted, that they should store personal information securely, compared with 60% of public sector organisations.
Awareness of the ICO in the private sector is the lowest (58%) recorded since 2007, yet it is at its highest recorded in the public sector (97%).
Enforcing the Data Protection Act
Over half (54%) of organisations are aware that the ICO is responsible for enforcing the DPA, although awareness levels have decreased by 5% in 2010.
This total disguises the massive disparity between awareness in the private and public sector. Spontaneous awareness of the ICO's responsibility for enforcing the DPA among the public sector is (87%) compared to the private sector (20%).
Information Commissioner, Christopher Graham, said: “A strong awareness of data protection obligations is of fundamental importance to any organisation. Businesses need to show they are taking data protection seriously. Failing to do so could not only lead to enforcement action, it could also do significant damage to their reputation.
“There is a link between satisfied customers and good handling of personal information. Our research shows that almost all of the individuals surveyed are concerned about the collection and secure storage of their personal information. Ignoring data protection obligations is ignoring a key customer concern.”
86%
|
It improves information management
|
85%
|
It helps improve risk management
|
83%
|
It improves customers‟ trust
|
NETconsent View
It seems that the public sector is less inclined to forget the outcry following the massive data breach of 25 million records from the HMRC in 2007. No doubt the public pressure to report data breaches to the ICO further spurs them on to promote awareness of the need to protect personal and confidential data.
Awareness of data protection issues amongst the private sector is likely to be boosted, when later this month the ICO announce the first fines for failing to protect data.
Is it time for your organisation to check that it is taking “reasonable steps” to safeguard information? A lack of awareness and understanding of policies has been at the heart of many corporate governance failures. Raising security awareness amongst employees is paramount to combating ignorance, apathy and cavalier attitudes toward security.
Find out how NETconsent policy management software offers a consistent mechanism to release, maintain, review and communicate security policies.
The full research report is available on the ICO website here: http://www.ico.gov.uk/about_us/research/corporate.aspx