|
A survey of over 500 SMEs carried
out by the British Standards Institution
(BSI) has found that nearly one in five
businesses has unwittingly breached the
Data Protection Act (DPA) at least once.
Almost 50% of businesses said they had
breached the DPA on several occasions and
an additional 18% said they were not sure
whether they had or not.
A "breach" could refer to the illegal
transfer of information to a third party,
failure to hold information securely or
neglect of other legal obligations.
The survey provides a snapshot of how
UK businesses manage the personal
information they hold on staff and
customers, including sensitive data such
as racial or ethnic origin, trade union
membership and criminal proceedings. It
was carried out to mark the publication of
a new British Standard on data protection
which will help organizations put in place
a framework for maintaining and improving
compliance with data protection
legislation and good practice.
The survey also found that:
- 65% of businesses provide no data
protection training for their staff;
- nearly half of those surveyed admit
that there is no one in their business
with specific responsibility for data
protection;
- 15% of businesses are not confident
that their data sharing practices
conform to the DPA and, worryingly,
almost 5% of these frequently share data
regardless;
- 18% of businesses said that data
protection is less of a priority in the
current economic climate.
|
