• silicon.com
• Management
• CIO Insights

By Graham Hayday, 24 September 2002 15:25

NEWS Forty-two per cent of IT directors have broken the law by using real customer data to test applications - a practice which is outlawed under the terms of the Data Protection Act (DPA). The law strictly prohibits companies from using customer data for any purpose other than that for which it was collected, but with awareness of the Act low among IT directors, many companies are leaving themselves open to possible legal action. A survey commissioned by Compuware has revealed that the use of customer data for testing applications is practiced by 42 per cent of IT departments. Although companies have dealt with customer data abuse issues such as spam, which are also covered by government legislation, the way in which IT departments use customer data has been overlooked, according to Compuware. Thirteen per cent of the IT directors questioned for the survey viewed the DPA as 'being outside of their area of responsibility', with a further 47 per cent stating that they were only 'vaguely familiar' with the act. Ian Clarke, director of enterprise management solutions, Compuware EMEA, said: "Many companies simply aren't aware of the wider implications of the Data Protection Act. Using customer data to ensure that an IT system designed to process customer data is working properly would seem to make good sense. "However, companies that indulge in this practice are not only compromising their customers' rights and opening themselves up to prosecution and hefty fines, they're also at risk of damaging their corporate reputations if test documents such as invoices find their way out to real customers," he added. Companies can create test data, or use encryption or data swapping techniques to get around the problem, but the first option is time-consuming and expensive, and the other two can render the data unsuitable for testing - and can still be in breach of the law. Surprisingly enough, Compuware thinks it has a solution based on 'data transformation'. See http://www.compuware.com for more information.