Data destruction is the law

Data destruction is the law

The recent case of former lawyers at ACS: Law, being served with a penalty after leaking personal data, has put the data security policies of law firms under the microscope.

Although many legal practices are conscious of their confidential data responsibilities and have data protection policies in place, more can still be done. In May, the data controller of the former law firm ACS: Law was served with a penalty of £1,000 after the personal details of more than 8,000 Sky broadband customers, 400 Plusnet customers and 5,000 Britons were exposed in 2010.

Law firms deal with vast amounts of highly confidential data because of the nature of their business and must be vigilant to data thieves.

The Information Commissioner’s Office is now imposing fines of up to £500,000 on law firms found guilty of breaching the Data Protection Act by exposing personal information. Anthony Pearlgood, commercial director of national shredding company PHS Datashred, and former Chairman of the BSIA’s Information Destruction section, said: “Law firms must keep strict control over the vast amounts of highly confidential data they deal with. The nature of their business means they have a duty to destroy confidential data.”

Tips to prevent data leaks in law firms
Create a confidential data policy – if you don’t have one already you are already in the high risk category for being a victim of data theft. Store & dispose of data safely – don’t assume that binning it is the end of the matter. Criminals often rifle through bins in car parks where confidential data has been poorly disposed of. Destroy data properly – arrange for a properly accredited company to help store, collect and securely destroy information. Ensure you know where your data is heading. Even better, have your data destroyed on site, using a mobile shredding vehicle and watch the destruction.

Check identities – use credit reference agencies to verify the identity of your preferred suppliers. Secure your accounts – don’t allow bank details to escape into the public domain. Thieves are adept at falsifying signatures. Inform staff – train staff on how to deal with confidential data properly and monitor their behaviour. Remember, most fraud is committed by people who work within the organisation. Beware of carrying large amounts of confidential data on unencrypted laptops, data sticks or mobile devices such as Blackberrys and iPhones. These small portable gadgets are magnets for thieves who can exploit your confidential information.

A new study from Protiviti, the global business consulting and internal audit firm, reveals that the majority of UK employees have not been provided with clear guidance on using social media networking sites. Of those with access to social media in the workplace, almost 39 percent indicated that there is no policy in place regarding social media networking and a further 24 percent are unaware of any such policies. 

Protiviti says companies without adequate social media policies are placing themselves at risk of security breaches and reputational damage, among other issues.

Social media usage in the workplace has grown enormously in recent years with more than half (51 percent) of workers surveyed now claiming to engage with a social networking site whilst at work

Almost a third (30percent) of workers use sites such as Twitter, Facebook and LinkedIn on a daily basis, while more than 5% do so several times an hour

Workers aged 18-24 years are the most regular users of social networking sites, with one in five (21 percent) claiming to engage with them several times an hour

Protiviti believes that a generational divide in the workplace poses a threat to firms with senior managers often unaware of whether their company’s HR and IT policies are adequate.

Read more

Latest News

Read More

How HR can fix the credibility deficit

22 November 2024

Newsletter

Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

University of Oxford – Nuffield Department of MedicineSalary: £27,838 to £31,459 per annum (pro rata). This is inclusive of a pensionable Oxford University Weighting of

JOB TITLE: Hotel Manager – FTC 12 months – January 2025 start LOCATION; North West England SALARY: Around £45,000 per year plus performance-based bonus, rewards,

We are seeking a dynamic and driven Human Resources Officer to become a key player in The Welbeck Team In this exciting role, you’ll invent

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE