The value of personal data to the individual cannot be exaggerated. No one wants their personal data to fall into the wrong hands. No one wishes to become the victim of an identity thief or to have their data processed in an unacceptable manner. We expect our personal data to be securely guarded and properly processed; this is the principal objective of the Data Protection Act, 1998.
Accordingly, organisations have a legal responsibility for ensuring personal data held on their systems is safeguarded from compromise. As an organisational representative, are you confident your organisation complies with the requirements set down in the Data Protection Act? Is your organisation aware of the consequences following a breach of the Data Protection Act?
Failure to comply with the Data Protection Act 1998 can be catastrophic for both citizen and organisation alike. The citizen, whose personal data has now become compromised, is likely to suffer significant distress. The organisation, apart from receiving a heavy fine for a data protection breach, would also very likely suffer loss of business, as potential customers’ confidence in its ability to maintain regulatory compliance and look after personal data in a secure manner will have been substantially eroded. A good reputation is difficult to win. A bad reputation is easily acquired and hard to lose. You cannot take a risk when it comes to protecting personal information.
At Silcox Information Security, we take the security of personal information extremely seriously. We have considerable experience in dealing with the consequences following a data protection breach and associated investigations. We also have a vast amount of experience in helping organisations safeguard the personal data held on their information systems. Our services align perfectly with the requirements of the Data Protection Act, 1998 and associated standards such as BS 10012. We provide the following services:
- Data Protection Consultancy
- Full Outsourced Data Protection Advisory Service
- Writing, reviewing and updating of Data Protection Policy
- Data Compliance Checks and Audits against the Act and associated codes of practice
- Data Protection Staff Awareness Training
- Identification of Data Protection responsibilities when off-shoring data, including compliance with Principle 8 of the Act
- Ad hoc assistance with implementing new and emerging directives from the Information Commissioner’s Office (ICO)
- Support in Data Breach Crisis Management, ICO undertakings and Monetary Penalty situations
- Cyber Attack Incident Management and Crisis Planning forming part of ISO 22301
Current data protection legislation will undergo change when EU data protection laws are enacted in 2017.
David Smith, deputy commissioner at the Information Commissioner’s Office, stated at Infosec 2014, ‘get your house in order now under the current law, to ensure you are ready for the coming changes, because the principles are not very different’.
Is your organisation ready for EU Data laws in 2017?