Public distrust of business data protection safeguards

A press release issued today by the Information Commissioner’s Office indicates that (in the UK at least), more and more businesses are becoming aware of their data protection responsibilities.

However, this good news is offset by the revelation that less than half the individuals surveyed believed that businesses were processing and handling their data properly.

From the ICO’s site:

New figures published today show that nearly three quarters of businesses surveyed now know that the DPA requires them to keep personal information secure – up 26% on last year’s figure.

Despite this, public confidence has fallen – less than half of individuals surveyed believe that organisations process their data in a fair and proper manner. Concern is particularly high in relation to web-based businesses – almost three quarters of individuals believe that online companies are not keeping their details secure.

Additionally, the ICO press release identifies that the number of reported data security breaches in the private sector has risen by 58% since the same period last year. (This may be down to the increased understanding leading to more reports, so shouldn’t be seen as a direct indication that more breaches are taking place).

With greater public awareness of data protection issues and the apparently corresponding lack of public trust in businesses, it is an ideal opportunity for any organisation to differentiate itself, even in the most competitive markets, by ensuring customer data security is taken seriously.

Not only is it a legal obligation to comply with the 8 principles of the Data Protection Act, but it is a genuinely good business move that can win you new customers. Security should no longer be seen as a “cost of business” but as a way to add value, improve profitability and help protect revenue streams.

Security helps your business – ignore it at your peril.

Taz Wake - Halkyn Security

Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.