Home > Uncategorized > ICO Repeats Data Encryption Guidance

ICO Repeats Data Encryption Guidance

ICO Repeats Data Encryption Guidance

24 October 2011

The Information Commissioner’s Office (ICO) has repeated its guidance that organisations that handle personal data must encrypt that information if its loss would cause distress or damage. The ICO’s advice is given with reference to the Data Protection Act, which states that appropriate technical and organisational measures must be taken to protect personal data. The ICO issued a statement following the loss of laptops by two separate organisations containing unencrypted personal data.

Data encryption is a relatively straightforward process and a variety of programs are available on numerous platforms; many of them free open-source projects. Most encryption programs are easy to use, although the largest obstacle to adoption of this security measure appears to be awareness amongst staff of both the use of encryption and its importance in relation to data protection.

Organisations would benefit from holding staff training sessions where they are able to raise awareness of data protection issues. Most employees undoubtedly have a good understanding of the principle of confidentiality and why it is important, although information about the difference between data, personal data and sensitive personal data could benefit an organisation by making its employees think twice before handling it.

The ICO offers a range of free literature for individuals and organisations on its website and many organisations would do well to take advantage of this. Members of staff who handle personal data and sensitive personal data should also be required to attend training on data encryption and to use it as part of their data processing duties.

Lawdit understands the importance of good data protection practices and we believe it is vital that every organisation should have procedures and safeguards in place to protect against data loss. Please contact us for a free discussion if you have any data protection questions or concerns and a member of our team will be pleased to offer you the help and advice you’re after.

By Aasim Durrani. Aasim is a legal assistant to Izaz Ali (izaz.ali@lawdit.co.uk) and can be contacted on aasim.durrani@lawdit.co.uk

Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: