Friday, 10 July 2009

Firms fail to comply with data protection standards

In the fight against fraud, so much emphasis is placed on monitoring of individual transactions, that often firms forget about getting the basics right. Protecting confidential customer data is essential in the fight against fraud, yet companies continue to fail to adhere to data protection standards.

According to a survey published by BSI, the UK's National Standards Body, almost one in five businesses breached the Data Protection Act (DPA) on one or more occasions - many without even realising it. This could be because they failed to hold information securely, illegally transferred information to a third party or neglected other legal obligations.

Tim Thompson, UK Managing Director at 41st Parameter, says the cost of fraud is often thought of in terms of how much money is stolen, however, he says this is too much of a short-term view. "Now, more so than ever, organised 'fraud rings' are cashing in on an underground economy, which deals in stolen personal information."

Thompson said the BSI survey highlighted the fact that 65% of businesses provide no data protection training for their staff. Almost half of firms indicated that there was no one in their business with specific responsibility for data protection and 18% of businesses said that data protection was less of a priority in the current economic climate.

The latter is alarming given that fraud is reportedly on the rise in the current recession. Can firms afford to lose not only millions through fraud, but also a tarnished reputation with their customers, if they continue to take a lackadaisical approach to data protection?

"If a company is hit by a security breach and data is taken, not only is it highly likely that it will be hit with fraudulent actions, its reputation will quickly become tarnished, and new and existing customers will take their business elsewhere," says Thompson of 41st Parameter.

1 comment:

historypak said...

including reasonable comments here... Insurance