• home
• your needs
  You can read about our services, the sectors we work in, our product ranges and how we can help you in your role by using the links below.

  • services

  • To view an a-z list of our services, click the link below.

  • view all services

  • sectors
  • health
  • public sector
  • private & public listed companies
  • insurance

  • products
  • basics
  • checker
  • tracker
  • navigator
  • reform
  • lawsure
  • quickcall
  • learn

  • your role
  • in house legal
  • managing a business
  • insurance claims
  • procurement
  • finance
  • human resources
  • property management
  • marketing

  • training
  • seminars
  • webinars
  • podcasts
  • BIIAB
  • delegate centre
  • claims club
• about us
  You can find out more about us, the training we offer, our news and publications and how to contact us, by using the links below.

  • our business
  • fast facts
  • international
  • our awards
  • our client charter
  • professional memberships
  • our technology
  • corporate social responsibility
  • groupe francais

  • contact us
  • our people
  • management team

  • press office
  • press releases
  • articles
  • press coverage

  • resources
  • bulletins
  • legal updates
  • clarity guides
  • transaction updates
  • consultation papers
  • survey reports

  • case studies

  • To find out more about what we've been working on, click the link below to search our case studies.

  • view all case studies
• join us

press release

Safeguarding personal data

20 July 2007

Last week’s reports that record numbers of companies and Government departments are fuelling a £1.7billion a year crime racket by failing to protect people’s privacy, highlight the need for businesses to ensure adequate steps to safeguard personal information, says Simon White, data protection expert at law firm Browne Jacobson.

Among those criticised were mobile operator Orange, for compromising security by giving its entire call centre staff the same computer log-in, and high street banks for dumping customers’ details in bins, and who

Under the Data Protection Act, businesses are required to take appropriate security measures to guard against accidental loss of, damage to and theft of personal information.

In addition, businesses are liable for the acts and omissions of sub-contractors who dispose of their waste.

“Exposing personal information puts businesses at risk of fraud and customers at risk of identity theft,” says Simon.

“Businesses must have strict procedures in place for the safe disposal and protection of confidential and personal information, or potentially face legal proceedings.”

So what can businesses do to effectively safeguard customer data? Simon recommends that businesses look to implement the following steps:

• Ensure a clear understanding of their obligations under the Data Protection Act in respect of their use (including destruction) of personal data.
  
• Ensure that websites and online payment systems are secure, and that they protect customers from identity fraud
  
• Ensure that policies are in place regarding online access of personal customer information by staff and third parties
  
• Have written agreements with data processors (- including sub-contractors who dispose of personal and other confidential information - requiring them to comply with the Data Protection Act. This should include an indemnity from any acts and omissions on the part of sub-contractors.
  
• Put in place policies regarding the use of confidential shredding bins when discarding personal information relating to customers, employees and other third parties.
  
• Ensure that these policies are communicated to employees and properly enforced.

save to PDF