Don’t tell public over data loss
In an appalling indictment of the public sector mindset, an overwhelming majority of respondents to new survey don’t believe the general public should be informed if a data breach occurs and that there is a general unawareness of data breach legislation.
According to a new survey by ClearSwift and Information Assurance, the issue is not at the top of the pubic and political agenda despite the public having high expectations. Approximately 40% of senior management have little or no understanding of information assurance (IA) , and 32 %of board members have discussed IA issues fewer than four times in the last 12 months. Forty-nine percent of public sector employees polled felt that IA procedures could be improved within their organisation.
Around 19% of British public sector organisations suffered a data loss in the last 12-18 months. Over half of this figure had experienced a repeat data loss. The main data loss causes were: loss of removable storage devices, 67%; loss of hard copies,44% and loss through email, 11%.
Meanwhile Dr Stephen Hickey, who carried out the inquiry in the loss of data of 84,000 prisoners on behalf of the Home Office, has called for a “good practice guide” to be drawn up and for a review of the way the public sector handles data loss incidents. “I recommend that the Home Office formally review their response procedures in light of this incident and prepare a good practice guide for potential use by senior managers across the department.”
A Home Office spokesman said: “We’re grateful for this report which confirms that the procedures and processes within the Home Office complied with the standards required across Government for the handling of sensitive or personal data and that the loss was the responsibility of a contractor.”