But financial firm faced no punishment
By Tim Ferguson
Published: 21 February 2008 12:37 GMT
Skipton Financial Services (SFS) has been found to have been in breach of the Data Protection Act by the Information Commissioner's Office (ICO) - but has escaped without any punishment.
The financial advisor company suffered the theft of an unencrypted laptop containing the personal details of 14,000 of its customers last December.
silicon.com's Full Disclosure campaign - what we are asking for...
silicon.com wants the government to review its data protection legislation and improve the reporting of information security breaches in the public and private sectors.
We are calling for greater public debate and for the government to consider legislation that would require organisations that suffer information security breaches to alert their customers if there is a chance the breach has put individuals' sensitive personal data at risk.
We want to hear your views about this campaign and the issues it raises. Make your voice heard by leaving a Reader Comment below or emailing us at editorial@silicon.com.
The laptop was stolen from Moore Stephens Consulting Ltd - a company processing data for SFS - and contained customer names, dates of birth, national insurance numbers and investment amounts.
The ICO said SFS should have taken steps to encrypt the information on the laptop in order to keep it secure - but did not impose any fine on the company.
This contrasts sharply with punishment meted out to the Nationwide Building Society, which was fined £980,000 by the Financial Services Authority last year, over the theft of a company laptop containing confidential customer details from an employee's home.
Assistant Commissioner Mick Gorrill said although it isn't always possible to prevent the theft of mobile devices, it is possible to minimise the damage done.
He warned that companies must take adequate measures to safeguard data on mobile devices before they leave company premises by using password protection and encryption and said those who fail to do so risk losing the trust and confidence of both employees and customers.
SFS has signed an undertaking to secure personal data in the future and has said it will carry out risk assessments where third parties are processing data for SFS.
In a statement, Simon Holt, MD of SFS, said the swift actions taken following the theft and the company's explanation were accepted by the ICO.
He said there has been "no evidence whatsoever" to suggest the customer data on the lost laptop has been misused by a third party.
ADDITIONAL BENEFITS: Bonus + 25 days holiday + laptop + Blackberry etc The role is specifically responsible for making sure that the company fully ...
You must also have experience with Information Security and Business Continuity and other relevant legislation. ICT Security Specialist/Information ...
EMEA Technical Support EngineerPKI Hardware Security Data Protection 2nd/3rd line My clientis a global leader in information security providing ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Tim Ferguson
On a new Voyager, tackling fraud and the intellectual challenge
Interview: Nationwide IT director, Peter Stafford
Nick Heath
David Lister on smart grids and why he left RBS
Interview: National Grid CIO
Andy Jones
Why banks will push ahead with offshoring
Comment: Even if they don't want to
Catherine Stagg-Macey
Legacy IT holding back insurers
Comment: Economic crisis means finance giants must step lively
Julian Goldsmith
The City fund manager with no IT department
Q&A: How asset management is embracing the cloud...
Peter Cochrane
Peter Cochrane's Blog: How tech can solve the banking crisis
Bring on a machine-based economy