Home / News & Resources / News & Updates / What should a business do to protect your data?

What should a business do to protect your data?

Name: Our Reviews - Hayes Connor
Brand: Hayes Connor
SKU: https://www.hayesconnor.co.uk/
Rating: 4.3 (209 reviews)

Posted onAugust 12, 2020

Your confidential data has value. Not only to the organisations that use it - either to provide you with services or to sell to you - but also to criminals who want to exploit your information for their own purposes. So, what should you expect when you hand over this valuable asset? Here are some top tips to ensure robust data protection.

Organisations must protect your data

Businesses should protect your data in a range of different ways. Because, when it comes to issues of privacy and data protection, prevention is always better than cure. This includes investing in things like:

Secure firewalls
Anti-virus and anti-malware software
Regular and robust backup processes
A process for updating operating systems on a regular basis
Processes that prevent staff members from sharing passwords
Reliable encryption
Processes to remove outdated info
Processes to identify and record what personal data is held and stored by the business
Compliance with the Information Commissioner's Office (ICO).

Organisations must assess vendor vulnerabilities to maintain robust data protection

It is not uncommon for a data breach to happen because of a third-party. For example, when vulnerable software is used on an organisation's website, or because a specific service has been outsourced. And, while an organisation might seek to place the blame on any vendor who allowed a data breach to happen, they remain responsible. So, if an organisation is entrusting your valuable data to a third-party, the must make sure that this supplier/partner has adequate data security processes in place.

Organisations must make sure their employees understand the consequences of a data breach

Despite fears about cybercrime, human error is far more likely to cause data protection breaches than hackers. Common causes for these breaches include:

Data being sent to the wrong recipient
Loss of theft of paperwork
Failure to redact data
Failure to use bcc when sending an email
Unencrypted devices being lost or stolen

So, organisations must ensure that they train their employees on how to maximise data security, and make sure that they understand the potential consequences of a breach.

What's more, 87% of employees take sensitive data with them when they leave a company, whether voluntarily or involuntarily[1]. So, you have the right to expect that any organisation you deal with puts robust processes in place to protect your data against such threats. This includes:

Ensuring data protection policies are communicated to employees
Making sure they have robust security systems in place to prevent data theft and errors
Establishing monitoring processes to detect data theft/errors
Ensuring adequate policies are in place to deal with issues such as social media use.

Organisations must let you know if they breach your data

The General Data Protection Regulation (GDPR) requires organisations to report certain types of personal data breach to the ICO. It must do this within 72 hours of becoming aware of the breach, (where feasible). If the breach is likely to result in a high risk of adversely affecting your rights and freedoms, the organisation must also inform you of the data breach "without undue delay".

What can you do if you are the victim of a data protection breach?

The ICO can impose hefty fines on organisations that don't meet their obligations under the Data Protection Act. However, the ICO does not award compensation to victims.

If you have suffered damage, distress or a loss of privacy caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation. And, at Hayes Connor Solicitors, we know what it takes to make a successful data breach compensation claim.

Our expert, friendly team will advise you on whether you have a valid claim and will be pleased to answer any questions you might have. If you are not sure whether your information has been misused or mishandled, we can find this out for you.

We also understand that making a compensation claim can be stressful; especially where your sensitive information has already been breached. That's why we remove the jargon from the process and make sure you always know what's happening with your case. Of course, it goes without saying that our process is fully compliant with ICO guidance and we never put your details at risk.

START A DATA BREACH CLAIM

[1] https://go.druva.com/Osterman-Research-Best-Practices.html

In the newsRead more news

Common Causes of Data Breaches

PostedMarch 7, 2024

Data breaches are a common occurrence across a wide range of industries. Countless organisations have been caught out, particularly in recent years, leading to the exposure of highly sensitive personal...

What To Do If Your Bank Account Is Hacked?

PostedJanuary 30, 2024

Having your bank account hacked is one of the scariest and most devastating types of crime you can experience. It can cause immediate financial difficulties and long-term harm to your...