Look for us on
Elliem Consulting
  • Home
    • Covid-19
  • About Us
  • What we do
    • Auditing
    • Training
    • Mentoring
    • Career Counselling
  • Books
  • Our Blog
  • Testimonials
  • Links
  • Our Policies
  • Doodles!
  • Small Business Saturday Video
  • On Line Training

Data held on personal devices

3/12/2013

 
 How many of us use our own ‘personal  devices’ for work purposes?   Included within that term are items such as smartphones, laptops, tablets  etc.  I guess the answer would be  ‘quite a lot of us’ and a recent survey commissioned by the ICO (Information Commissioner’s Office suggests that many employers havn’t really grasped the  significance of this and the  relationship to the Data Protection  Act.  
 
I guess even fewer have considered the links to ISO9001 clause 7.5.4 and the requirement to ‘exercise care with customer property whilst it is under the organisations’s control or being used by the organisation’ – and personal data is, as is made clear in the 2008 version of the standard, considered to be customer property. 
As the use of this type of equipment grows it’s time that businesses grasped the significance of this issue and acted to protect themselves, and the data being managed.

The ICO survey suggests that nearly 50% of UK adults use personal devices as part of their work but that less than 30% are given any advice or guidance on controls that should be in place when they do
so.

Here’s what Simon Rice, the ICO Group Manager for Technology has to say:   
 
“The rise of smartphones and tablet devices means that many of the common daily tasks we would have previously carried out on the office computer can now be worked on remotely. While these changes offer
significant benefits to organisations, employers must have adequate controls in place to make sure this information is kept secure.   

“The cost of introducing these controls can range from being relatively modest to quite significant, depending on the type of processing being considered, and might even be greater than the initial savings expected. Certainly the sum will pale into insignificance when you consider the reputational damage caused by a serious data breach. This is why organisations must act now.”

Commneting on the new guidance, he said:

“Our guidance aims to help organisations develop their own policies by highlighting the issues they must consider. For example, does the organisation know where personal data is being stored at any  one time? Do they have measures in place to keep the information accurate and up-to-date? Is there a failsafe system so that the device can be wiped remotely if lost or stolen?”

The ICO survey suggests that email accounts for the largest usage, but that nearly 40% used their devices to edit documents and over 35% stored work documents on their device and the ICO warn that there
is a very good chance that all these activities involve the processing of personal information and therefore fall within the bounds of the Data Protection Act.

 Key recommendations from guidance include:

 I have just added some very targeted
questions to my audit question bank – this is an area which needs careful
exploration and action. Expect your
external certification bodies to be looking at this
too!


Comments are closed.

    Author

    thoughts on current business issues
    from a quality
    professional!

    Archives

    August 2018
    March 2018
    May 2017
    January 2017
    August 2016
    May 2016
    March 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    November 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013

    Categories

    All

    RSS Feed

Picture
Picture
Picture
Picture
Contact us
          ©  Elliem Ltd 2013
Photo used under Creative Commons from scott1723