The number of high profile data protection calamities suffered by big name businesses, and even the Government, has gone through the roof. A mixture of clumsiness from organisations and increased knowledge of criminals and poachers means that data protection has never been more important. The Data Protection Act of 1998 is a regulatory guide which is designed to protect you and your customer/client base.
The regulations apply to you if you hold any personal data on customers or employees. This can range from names, addresses and phone numbers to results of surveys and opinions. The eight key points of the Data Protection Act require that you:
- Process data fairly and according to the law
- Process data for a limited, lawful purpose
- Only hold enough information for your purpose – nothing excessive or extraneous
- Ensure the data you hold is accurate, relevant and up-to-date
- Don’t hold the data for any longer than necessary
- Process the data in line with individuals’ rights
- Ensure the data is kept physically secure
- Don’t transfer the data outside the European Economic Area unless it is protected.
The data you hold is valuable, and exposing it to the wrong people can be incredibly damaging for your reputation and your finances. You need to know that your data is safe, and also make sure you know exactly who has access to it. The threat to your information comes in different shapes and forms, some close to home and some a little further away. So who can access your company data?
Your biggest asset, expense and potential danger, your workforce need to be trustworthy and reliable. It is probable your staff have access to wide ranging types of database and records relating to your business. The first step you can take to ensure you are equipped with a safe workforce is by running DBS Checks on your potential and existing staff. DBS (or Disclosure and Barring Service) checks are your first line of defence against possibly harmful recruitment.
The second step you must take to protect your database is education. Run thorough, intensive courses on the importance of data protection. Ensuring that your employees are fully up to speed with the Data Protection Act means you have carried out one of your duties as a data controller. You’re charged with looking after the data from the top, but your staff can be savvy with their internet usage and responsibility.
Computer hackers are a constant threat to the security of your information. They have the technical skill to break into computer systems without your knowledge and use the information for their own gain. They can install dangerous malware without your consent which allows them to alter, manipulate and steal information. The effects of this can be wide reaching and damaging. It can ruin your credit, cause permanent damage to your reputation, and even lead to sanctions and closure. To protect yourself from such threats, you should:
- Maximise your security with a two-way firewall
- Download software from trusted sites only and use highly-rated antivirus software
- Avoid suspicious websites and don’t open emails from unknown senders
- Limit the personal and secure information you post on websites and social media
- Update your operating systems on a regular basis
- Keep financial information out of personal conversations
- Increase your internet browser security settings.