{"id":551,"date":"2013-02-17T19:52:56","date_gmt":"2013-02-17T19:52:56","guid":{"rendered":"http:\/\/www.halkynconsulting.co.uk\/a\/?p=551"},"modified":"2013-02-17T20:08:27","modified_gmt":"2013-02-17T20:08:27","slug":"another-lack-of-encryption-leads-to-a-data-protection-act-fine","status":"publish","type":"post","link":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/","title":{"rendered":"Another lack of encryption leads to a Data Protection Act Fine"},"content":{"rendered":"<figure id=\"attachment_559\" aria-describedby=\"caption-attachment-559\" style=\"width: 300px\" class=\"wp-caption alignleft\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"559\" data-permalink=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/healthcaresecuritysml\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" data-orig-size=\"300,250\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}\" data-image-title=\"NHS Security\" data-image-description=\"&lt;p&gt;Healthcare Security &#8211; Sensitive data needs proper protection.&lt;\/p&gt;\n\" data-image-caption=\"&lt;p&gt;NHS &#038; Healthcare Security : Sensitive data needs proper protection.&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" class=\"size-full wp-image-559\" alt=\"Healthcare Security - Sensitive data needs proper protection.\" src=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?resize=300%2C250\" width=\"300\" height=\"250\" data-recalc-dims=\"1\" \/><figcaption id=\"caption-attachment-559\" class=\"wp-caption-text\">Healthcare Security &#8211; Sensitive data needs proper protection.<\/figcaption><\/figure>\n<p>On Friday, 15 Feb 13, the Information Commissioner&#8217;s Office (ICO) announced that the UK <a title=\"Nursing and Midwifery Council\" href=\"http:\/\/www.nmc-uk.org\/\" target=\"_blank\">Nursing and Midwifery Council<\/a> (NMC) had been fined \u00a3150,000 for a breach of the data protection act. (<em>It is worth bearing in mind that the NMC has recently raised the <a title=\"NMC Raise Registration Fees for UK Nurses\" href=\"http:\/\/www.nmc-uk.org\/Press-and-media\/Latest-news\/News-review-NMC-fee-rise-comes-into-force\/\" target=\"_blank\">registration fees<\/a> for Nurses to \u00a3100 per year<\/em>)<\/p>\n<p>It seems that this fine is the result of the NMC sending evidence for a disciplinary hearing by post. The following is <a title=\"ICO urges more care with personal data as Nursing and Midwifery Council receives \u00a3150,000 penalty\" href=\"http:\/\/www.ico.gov.uk\/news\/latest_news\/2013\/nursing-and-midwifery-council-receives-150000-penalty-15022013.aspx\" target=\"_blank\">from the ICO press release<\/a>:<\/p>\n<blockquote><p>The council lost three DVDs related to a nurse\u2019s misconduct hearing, which contained confidential personal information and evidence from two vulnerable children. An ICO investigation found the information was not encrypted.<\/p><\/blockquote>\n<p>and David Smith, Deputy\u00a0Commissioner and Director of Data Protection added:<\/p>\n<blockquote><p>The Nursing and Midwifery Council\u2019s underlying failure to ensure these discs were encrypted placed sensitive personal information at unnecessary risk. No policy appeared to exist on how the discs should be handled, and so no thought was given as to whether they should be encrypted before being couriered. Had that simple step been taken, the information would have remained secure and we would not have had to issue this penalty.<\/p><\/blockquote>\n<p>This pretty much explains the fundamental mistake here.<\/p>\n<p>For the want of a policy document and free or low-cost encryption software, the Nursing and\u00a0Midwifery\u00a0Council\u00a0has been fined \u00a3150,000. That is close to<strong> one hundred<\/strong> times the cost of doing things properly &#8211; even if the creation of the policy documents had been fully outsourced.<\/p>\n<p><strong>This is a fundamental failure of security risk management and a sign that, worryingly, an organisation with access to evidence, sensitive personal data and financial records doesn&#8217;t have a robust enough security management approach to realise the risks it is taking with information<\/strong>.<\/p>\n<p>Based on the information in the ICO statement it appears there are some lessons that can be learned from the NMC fine:<\/p>\n<ol>\n<li><span style=\"line-height: 16px;\">Sending documents by courier is not a problem and is often the best mechanism where there is a lot of data (potentially over 14gb of data in this instance), but you need to have a policy governing this in place.<\/span><\/li>\n<li><span style=\"line-height: 16px;\">Any sensitive data should be encrypted &#8211; be it on USB, DVD or over the internet. Encryption is cheap (free) and easy to use.<\/span><\/li>\n<li><span style=\"line-height: 16px;\">Asset registers and document control registers are essential. In this case, it seems likely that the disks were mislaid prior to shipping but there\u00a0doesn&#8217;t\u00a0appear to be any record of what was given to the courier or where items were stored. This is very poor practice, especially in light of the fact it was to be used as evidence for a disciplinary hearing.\u00a0<\/span><\/li>\n<li>Security risk management is not optional. Without it (or if it is malfunctioning) your organisation faces massive costs and, as always, ignorance is never a defence.<\/li>\n<\/ol>\n<p>The important point, and it can never be stated enough, you need to have a well thought out, well managed and well resourced (staff and budget) approach to security otherwise you will suffer a data loss. The costs of a security breach frequently significantly outweigh the costs of prevention.<\/p>\n<p>If you, or your organisation, handles sensitive data (personal or not) then you absolutely need to make sure that you know where all your assets are held (asset register), that you have some process for tracking how &amp; where you send assets (issue and\u00a0receipt\u00a0logs), and that you have a security policy explaining how all this works.<\/p>\n<p>Anything else is such poor risk management you need to make sure you have some funds put to one side to cover the inevitable breaches. (If you work for the\u00a0<a title=\"Nursing and Midwifery Council\" href=\"http:\/\/www.nmc-uk.org\/\" target=\"_blank\">NMC<\/a>\u00a0and want help on how to implement this then <a title=\"Contact the Security Team\" href=\"http:\/\/www.halkynconsulting.co.uk\/security\/contact-security-team\" target=\"_blank\">get in touch<\/a>, we can offer a special rate&#8230;)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Friday, 15 Feb 13, the Information Commissioner&#8217;s Office (ICO) announced that the UK Nursing and Midwifery Council (NMC) had been fined \u00a3150,000 for a breach of the data protection act. (It is worth bearing in mind that the NMC has recently raised the registration fees for Nurses to \u00a3100 per year) It seems that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":559,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[5,3,21],"tags":[76,24,69,6,140,19],"class_list":["post-551","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-securitynews","category-security-risk-management","tag-breach","tag-data-protection","tag-ico","tag-infosec","tag-security","tag-srm","entry","has-media"],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog\" \/>\n<meta property=\"og:description\" content=\"On Friday, 15 Feb 13, the Information Commissioner&#8217;s Office (ICO) announced that the UK Nursing and Midwifery Council (NMC) had been fined \u00a3150,000 for a breach of the data protection act. (It is worth bearing in mind that the NMC has recently raised the registration fees for Nurses to \u00a3100 per year) It seems that [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\" \/>\n<meta property=\"og:site_name\" content=\"Halkyn Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-02-17T19:52:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-02-17T20:08:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Taz Wake - Halkyn Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/tazwake\" \/>\n<meta name=\"twitter:site\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Taz Wake - Halkyn Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\"},\"author\":{\"name\":\"Taz Wake - Halkyn Security\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc\"},\"headline\":\"Another lack of encryption leads to a Data Protection Act Fine\",\"datePublished\":\"2013-02-17T19:52:56+00:00\",\"dateModified\":\"2013-02-17T20:08:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\"},\"wordCount\":648,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"keywords\":[\"Breach\",\"Data Protection\",\"ICO\",\"Information Security\",\"Security\",\"Security Risk Management\"],\"articleSection\":[\"Security\",\"Security News\",\"Security Risk Management\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\",\"name\":\"Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\"},\"datePublished\":\"2013-02-17T19:52:56+00:00\",\"dateModified\":\"2013-02-17T20:08:27+00:00\",\"breadcrumb\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Halkyn Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Another lack of encryption leads to a Data Protection Act Fine\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"name\":\"Halkyn Security Blog\",\"description\":\"Specialist Security &amp; Risk Management Consultants\",\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\",\"name\":\"Halkyn Consulting\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"width\":\"990\",\"height\":\"170\",\"caption\":\"Halkyn Consulting\"},\"image\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/2329571\",\"https:\/\/twitter.com\/HalkynSecurity\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc\",\"name\":\"Taz Wake - Halkyn Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g\",\"caption\":\"Taz Wake - Halkyn Security\"},\"description\":\"Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.\",\"sameAs\":[\"http:\/\/www.halkynconsulting.co.uk\",\"https:\/\/twitter.com\/https:\/\/twitter.com\/tazwake\"],\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/author\/tazwake\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/","og_locale":"en_GB","og_type":"article","og_title":"Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog","og_description":"On Friday, 15 Feb 13, the Information Commissioner&#8217;s Office (ICO) announced that the UK Nursing and Midwifery Council (NMC) had been fined \u00a3150,000 for a breach of the data protection act. (It is worth bearing in mind that the NMC has recently raised the registration fees for Nurses to \u00a3100 per year) It seems that [&hellip;]","og_url":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/","og_site_name":"Halkyn Security Blog","article_published_time":"2013-02-17T19:52:56+00:00","article_modified_time":"2013-02-17T20:08:27+00:00","og_image":[{"width":300,"height":250,"url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1","type":"image\/jpeg"}],"author":"Taz Wake - Halkyn Security","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/tazwake","twitter_site":"@HalkynSecurity","twitter_misc":{"Written by":"Taz Wake - Halkyn Security","Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#article","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/"},"author":{"name":"Taz Wake - Halkyn Security","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc"},"headline":"Another lack of encryption leads to a Data Protection Act Fine","datePublished":"2013-02-17T19:52:56+00:00","dateModified":"2013-02-17T20:08:27+00:00","mainEntityOfPage":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/"},"wordCount":648,"commentCount":0,"publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"keywords":["Breach","Data Protection","ICO","Information Security","Security","Security Risk Management"],"articleSection":["Security","Security News","Security Risk Management"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/","url":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/","name":"Another lack of encryption leads to a Data Protection Act Fine - Halkyn Security Blog","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website"},"datePublished":"2013-02-17T19:52:56+00:00","dateModified":"2013-02-17T20:08:27+00:00","breadcrumb":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Halkyn Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/"},{"@type":"ListItem","position":2,"name":"Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Another lack of encryption leads to a Data Protection Act Fine"}]},{"@type":"WebSite","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","name":"Halkyn Security Blog","description":"Specialist Security &amp; Risk Management Consultants","publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization","name":"Halkyn Consulting","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","width":"990","height":"170","caption":"Halkyn Consulting"},"image":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/2329571","https:\/\/twitter.com\/HalkynSecurity"]},{"@type":"Person","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc","name":"Taz Wake - Halkyn Security","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g","caption":"Taz Wake - Halkyn Security"},"description":"Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.","sameAs":["http:\/\/www.halkynconsulting.co.uk","https:\/\/twitter.com\/https:\/\/twitter.com\/tazwake"],"url":"http:\/\/www.halkynconsulting.co.uk\/a\/author\/tazwake\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9yHvD-8T","jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/551","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/comments?post=551"}],"version-history":[{"count":9,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/551\/revisions"}],"predecessor-version":[{"id":562,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/551\/revisions\/562"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media\/559"}],"wp:attachment":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media?parent=551"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/categories?post=551"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/tags?post=551"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}