Charities urged to sign up for ICO data protection check up
9 Aug 2012: Charities and third sector organisations are being urged to sign up for a data protection ‘check up’ by the Information Commissioner’s Office (ICO), which believes that these organisations have most to gain from doing so.
With charities often handling sensitive information, such as individuals’ medical details, they are potentially more susceptible to encountering a serious data breach. This could result in the ICO serving the organisation with a monetary penalty of up to £500,000. However by using today’s top five tips and signing up for a free one day advisory visit, the ICO is highlighting the support available to help them keep their personal information secure.
Louise Byers, Head of Good Practice at the ICO, said: “We are aware that charities are often handling extremely sensitive information relating to the health and wellbeing of vulnerable people. With these organisations often lacking the money to employ dedicated information governance staff, there’s a danger that many charities may be struggling to look after people’s data.
“We have published the top five areas for improvement to show the voluntary and charity sector that good data protection practices can be cheap and easy to introduce, providing they have the right help and support. A one day advisory visit from the ICO provides charities with a data protection ‘check up’ and practical advice on how they can look after people’s information. We are now calling on these organisations to use the summer period to check that their data protection practices are adequate and get in touch before it is too late.”
Sam Younger, Chief Executive of the Charity Commission said: “Trustees are responsible for ensuring their charity complies with relevant legislation – including the Data Protection Act – and for protecting their charity’s reputation. Mishandling sensitive data not only causes individuals serious distress, it can also damage the good name of your charity. So I encourage trustees of charities that handle sensitive data to take note of the ICO’s guidance and consider taking part in an ICO advisory visit.”
The ICO’s top five areas for improvement are:
Tell people what you are doing with their data. People should know what you are doing with their information and who it will be shared with. This is a legal requirement (as well as established best practice) so it is important you are open and honest with people about how their data will be used.
Make sure your staff are adequately trained. New employees must receive data protection training to explain how they should store and handle personal information. Refresher training should be provided at regular intervals for existing staff.
Use strong passwords. There is no point protecting the personal information you hold with a password if that password is easy to guess. All passwords should contain upper and lower case letters, a number and ideally a symbol. This will help to keep your information secure from would-be thieves.
Encrypt all portable devices. Make sure all portable devices – such as memory sticks and laptops – used to store personal information are encrypted.
Only keep people’s information for as long as necessary. Make sure your organisation has established retention periods in place and set up a process for deleting personal information once it is no longer required.
Advisory visits are provided free of charge and give small and medium sized organisations the opportunity to discuss and receive practical advice from the ICO aimed at improving their data protection practices. The visits last one day and each organisation is provided with a short report summarising the ICO’s findings and providing practical advice on how they can improve. The top five list covers the main areas for improvement highlighted by previous advisory visits carried out at small and medium sized charities and third sector organisations.
Further information about the ICO’s advisory visits can be found on the ICO website here.
Organisations that would like to be considered for an advisory visit are invited to register their interest by sending an email to email@example.com. Summary reports of the advisory visits already carried out by the ICO with small and medium sized organisations are available here.
The ICO has also produced guidance for the charity sector, which is available on the ICO website here.
14 June 2013: Cloud-based marketing software platform provider Marketo has announced the availability of the Marketo Customer Engagement engine, which it claims is the first marketing solution that intelligently and automatically manages the timing and distribution of the right content, to the right person at the right time.
13 Jun 2013: Kognitio and Celebrus Technologies marke the anniversary of a strategic collaboration that provides one of the largest global manufacturers in the world with an innovative solution for digital marketing analytics.
12 Jun 2013: The Institute of Direct and Digital Marketing has revealed that student teams from the University of Northumbria and University of Central Lancashire have made it to the top three in the prestigious IDM Student Marketing Competition 2013
7 Jun 2013: Salesforce.com, the world’s biggest CRM platform, has announced an agreement to acquire ExactTarget, the leading cloud marketing platform for around $2.5 bn.
7 Jun 2013: Whisbi, the lead management technology provider, has launches a new product designed to monetise Facebook.
6 Jun 2013: Database Marketing Award-winning customer engagement agency Indicia has expanded with the opening of a new London office.
5 Jun 2013: The London School of Marketing has announced a formal partnership with the Digital Marketing Institute.
1 Jun 2013: Experian insight reveals the location and characteristics of the UK’s growing number of single person households
22 May 2013: – D&B, the world's leading source of commercial information and insight on businesses, had made D&B360 available for Oracle CRM On Demand, Oracle's Siebel CRM, Microsoft Dynamics CRM and SAP CRM.
20 May 2013: In the third of our special series of articles profiling the database marketing industry, we catch up with Hopewiser, Alchemetrics, Callcredit and greenstone data solutions.
22 May 2013: Insurance provider Ageas has appointed Mark Hanson as Marketing Director for its two over 50s insurance brands, RIAS and Castle Cover.
20 May 2013: Comet Global Consulting, the customer interaction expert, has secured an additional two-year deal with Sky, to further develop and support the company’s customer relationship management and customer interaction systems and operations.
21 May 2013: — Experian has launched a new online credit risk and marketing portal putting a wealth of vital business information at the fingertips of UK SMEs.
8 May 2013: Hector Vass, former Systems Architect in the Customer Lifecycle and Optimisation team at the Lloyds Banking Group, has joined marketing analytics agency Metametrics as Chief Technology Officer.
8 May 2013: The Institute of Fundraising’s Special Interest Group for Insight in Fundraising has announced the shortlist of finalists for the Insight in Fundraising Awards 2013.
8 May 2013: ghd, the UK hair-straightening brand, has seen conversion rates soar as a result of improving the shopping experience on mobile devices using data gathered through Celebrus Technologies’ software.