The UK’s Information Commissioner’s Office (ICO) has recently issued a warning to people in the legal profession. According to an August 2014 news release, the ICO has seen a higher-than-expected-number of data breaches stemming from the actions of solicitors and barristers. Normally, the recommendation would be to use data encryption software to secure sensitive files; however, because paper files are involved, easy data security efforts are being stymied.
15 Incidents in 3 Months
The ICO revealed that there were “15 [data breach] incidents involving members of the legal profession have been reported to the ICO” in the three months preceding August 2014. It noted that while these numbers don’t seem high, legal professionals “carry around large quantities of information in folders or files when taking them to or from court, and may store them at home” increasing the risk of a serious data breach.
Data Protection Tips from the ICO
The problem is that these files and folders are of the paper, not computer, variety. What to do? The ICO has proposed the following recommendations:
- Keep paper records secure. Do not leave files in your car overnight and do lock information away when it is not in use.
- Consider data minimisation techniques in order to ensure that you are only carrying information that is essential to the task in hand.
- Where possible, store personal information on an encrypted memory stick or portable device. If the information is properly encrypted it will be virtually impossible to access it, even if the device is lost or stolen.
- When sending personal information by email consider whether the information needs to be encrypted or password protected. Avoid the pitfalls of auto-complete by double checking to make sure the email address you are sending the information to is correct.
- Only keep information for as long as is necessary. You must delete or dispose of information securely if you no longer need it.
- If you are disposing of an old computer, or other device, make sure all of the information held on the device is permanently deleted before disposal.
What I find interesting is that at least half of these recommendations are actually geared towards electronic data. I guess, at the end of the day, you can’t really give pointers for just the one and not the other.
Plus, what kind of tips could you possibly give for a bunch of sheets collated together or stuffed into a folder, aside from “don’t lose them”?
Related Articles and Sites: