Large numbers of companies are taking risks with data protection, because they are not aware of the requirements of the law.
Nearly half (44 percent) of companies use live data in test environments — something the 1998 Data Protection Act warns against explicitly, according to a recent survey of IT directors by Compuware.
Half the directors (48 percent) were only ‘vaguely familiar’ with the Act itself, according to the research, which highlights the importance of understanding the demands and keeping track of how customer data is treated.
A further “83 percent used only minimal measures such as using non disclosure agreements (NDA) to control data when outsourcing,” said Ian Clarke, world wide enterprise solutions director at Compuware.
NDAs are all very well, but companies find it difficult to communicate the complex legal terms to their employees or to outsourcing partners, said the survey report. “Unless they have rigorous procedures in place, they run the risk of live data being leaked to third parties. This can have severe repercussions on customer confidence and company reputation, and ultimately affect the bottom line,” Clarke added.
An NDA doesn’t mean a lot when an employee in an outsourcing company in India for example who earns $100-a-day can earn much more by selling confidential data, he said.
Last week, an HSBC call centre employee in India, was arrested for swindling