PresseBox
Press release BoxID: 466976 (Cryptzone AB)
  • Cryptzone AB
  • Drakegatan 7
  • 41250 Göteborg
  • http://www.cryptzone.com
  • Contact person
  • Darshna Kamani
  • +49 (20) 7183-2839

Cryptzone believes ICO financial penalties against two councils are unnecessary

(PresseBox) (Göteborg, ) Cryptzone understands why the Information Commissioners Office deems it necessary to impose fines against North Somerset Council and Worcestershire County Council after staff at both authorities sent highly sensitive personal information to the wrong recipients. However, says Cryptzone, this action would be unnecessary if councils were putting the right security controls in place and taking action when policy violations take place.

Grant Taylor, VP of the IT threat mitigation specialist, comments, "There really is too much of this sort of thing going on across local government and allied agencies. People who handle highly sensitive personal information need to understand the real weight of responsibility that comes with keeping that data secure"

The Cryptzone VP went on to say that, whilst assisting staff with the correct training and having the right security policies in place is clearly a given, protecting data in the public sector is also about using some common sense.

Considering whether open or secure email is the appropriate communications medium, checking and double checking that the right recipients will receive the information - and measures like encryption and data minimisation - should be routine in all aspects of local government interactions, he explained.

Taylor says that, against this backdrop, he hopes these penalties send a clear message not just to those working in the social care and allied sectors, but any organisation dealing with sensitive personal information.

"The bottom line here is that the Information Commissioner takes this sloppiness seriously - and so should you. We've had more than 18 months of warnings against public sector bodies and that approach has not worked, monetary penalties are a regrettable measure of last resort," he said.

When public sector cuts threaten the quality of patient care, it becomes even more difficult to get IT security expenditure approved. However it is time that organisations woke up to the fact that IT security is the responsibility of everyone across all departments. When staff don't fully understand the correct IT policies and procedures and management ignore it when mistakes are made, the cost to organisations is much higher than the measures that would have avoided these ICO fines in the first place.

For more on Cryptzone: http://www.cryptzone.com

For more on the ICO monetary penalties against councils: http://bit.ly/rFis3m