SMEs overestimate the work and costs involved in data protection compliance
ELY, UK, June 20, 2013 /EINPresswire.com/ -- According to new research from Shred-it UK SMEs are not taking enough care when managing and disposing of documents and hard drives.
News portal Onrec quotes Robert Guice, Vice President Shred-it EME, who said: “SMEs continue to hugely underestimate the potential cost of a data breach to them. In terms of financial loss, the Information Commissioner’s Office in the UK can fine companies up to half a million pounds, enough to send many companies into insolvency.”
Alan Calder, CEO of IT Governance - the information security and data protection compliance specialists – comments, “Managing data protection does not only relate to paper copies and hard drives. It encompasses all aspects of an organisation that deal with handling personal information, i.e. people, technology and processes. Data protection affects all organisations and the ICO rightfully pursues those who compromise personal data.”
Despite the fact that all public and private sector organisations in the UK are required by law to be compliant with the Data Protection Act (DPA), there are still many that fall short of meeting the DPA’s requirements and don’t take their obligations seriously enough.
“SMEs tend to overestimate the work and costs involved in DPA-compliance. Data protection is easier than most people think, if the eight data protection principles are understood correctly and the process is appropriately managed,” adds Calder.
The IT Governance DPA Foundation training course, for example, is a one-day session designed to provide staff with a full knowledge of the eight principles of the DPA and the practical advice to ensure that all practices associated with processing personal information are implemented and maintained on a continual basis. It is available as both classroom and in-house delivery. The next public course takes place on 19 July 2013 and can be booked at www.itgovernance.co.uk/shop/p-525.aspx.
The DPA Compliance Toolkit is another valuable resource for achieving compliance with the DPA. It contains the document templates and tools that are essential for any UK data controller and saves time researching and writing the required documentation. A downloadable version of the document templates is available from: www.itgovernance.co.uk/shop/p-513.aspx.
- Ends -
NOTES TO EDITORS
IT Governance Ltd is the single-source provider of books, tools, training and consultancy for IT governance, risk management and compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is ‘non-geek’, approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
News portal Onrec quotes Robert Guice, Vice President Shred-it EME, who said: “SMEs continue to hugely underestimate the potential cost of a data breach to them. In terms of financial loss, the Information Commissioner’s Office in the UK can fine companies up to half a million pounds, enough to send many companies into insolvency.”
Alan Calder, CEO of IT Governance - the information security and data protection compliance specialists – comments, “Managing data protection does not only relate to paper copies and hard drives. It encompasses all aspects of an organisation that deal with handling personal information, i.e. people, technology and processes. Data protection affects all organisations and the ICO rightfully pursues those who compromise personal data.”
Despite the fact that all public and private sector organisations in the UK are required by law to be compliant with the Data Protection Act (DPA), there are still many that fall short of meeting the DPA’s requirements and don’t take their obligations seriously enough.
“SMEs tend to overestimate the work and costs involved in DPA-compliance. Data protection is easier than most people think, if the eight data protection principles are understood correctly and the process is appropriately managed,” adds Calder.
The IT Governance DPA Foundation training course, for example, is a one-day session designed to provide staff with a full knowledge of the eight principles of the DPA and the practical advice to ensure that all practices associated with processing personal information are implemented and maintained on a continual basis. It is available as both classroom and in-house delivery. The next public course takes place on 19 July 2013 and can be booked at www.itgovernance.co.uk/shop/p-525.aspx.
The DPA Compliance Toolkit is another valuable resource for achieving compliance with the DPA. It contains the document templates and tools that are essential for any UK data controller and saves time researching and writing the required documentation. A downloadable version of the document templates is available from: www.itgovernance.co.uk/shop/p-513.aspx.
- Ends -
NOTES TO EDITORS
IT Governance Ltd is the single-source provider of books, tools, training and consultancy for IT governance, risk management and compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is ‘non-geek’, approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
Desi Aleksandrova
IT Governance
+44 (0) 845 070 1750
email us here