Ignorance of data protection law puts firms at risk

Large numbers of companies are taking risks with data protection, because they are not aware of the requirements of the law.

Nearly half (44 percent) of companies use live data in test environments — something the 1998 Data Protection Act warns against explicitly, according to a recent survey of IT directors by Compuware.

Half the directors (48 percent) were only ‘vaguely familiar’ with the Act itself, according to the research, which highlights the importance of understanding the demands and keeping track of how customer data is treated.

A further “83 percent used only minimal measures such as using non disclosure agreements (NDA) to control data when outsourcing,” said Ian Clarke, world wide enterprise solutions director at Compuware.

NDAs are all very well, but companies find it difficult to communicate the complex legal terms to their employees or to outsourcing partners, said the survey report. “Unless they have rigorous procedures in place, they run the risk of live data being leaked to third parties. This can have severe repercussions on customer confidence and company reputation, and ultimately affect the bottom line,” Clarke added.

An NDA doesn’t mean a lot when an employee in an outsourcing company in India for example who earns $100-a-day can earn much more by selling confidential data, he said.

Last week, an HSBC call centre employee in India, was arrested for swindling

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Featured Reads