The Information Commissioner’s Office recently issued an enforcement notice against the Alzheimer’s Society. The action shows that rigorous standards of data security are expected from everyone who handles sensitive personal data – including volunteers.
It’s tempting to think that the Information Commissioner might be less strict with a charity than with a commercial organisation. They might also make allowances for what you can reasonably expect volunteers to do. But, sensitive personal data is sensitive personal data and everyone has a right to have it protected.
The ICO demanded improvements in the training of volunteers, in the systems used by the society to manage sensitive personal data and in the security of their website.
Specific deficiencies included:
- Storing service user personal data on unencrypted laptops (some of which were stolen)
- Having unencrypted personal data that could be hacked (and was) via the website
- Having ineffective data protection controls and training, particularly for volunteers
Failure to comply with the enforcement notice will result in prosecution.
What does this mean for care providers?
There’s a clear message for organisations working with potentially vulnerable people: the ICO cares about the privacy of your service users and will take action to protect them.
As a service provider you also have a moral duty to protect the personal information of potentially vulnerable people.
So what’s the answer?
Rather than focus on more procedures and controls, wouldn’t it be better to use a management system that encrypts personal information? One that stores data where it can’t be mislaid or stolen?
Why CareForIT is a better solution:
- Data is fully encrypted and stored in a secure data centre.
- No information is stored on local hard drives; it is accessed as required via secure internet and mobile technology.
- Paper records are eliminated.
- Good data handling practice is enforced through the system design.
Book a free online demo and see how protecting sensitive data can be simple and cost-effective.
BOOK A DEMO