Missing discs are only the tip of the iceberg
Press release - 11 December 2007
The UK's leading charity for business quality, the Chartered Quality Institute, calls for companies to make sure they cover the data security basics
Following the announcement that yet more data has been lost by government body, the Chartered Quality Institute (CQI), a top UK charity that provides quality training for organisations including the BBC and United Nations, is calling for stricter codes of practice to ensure data blunders won't be repeated.
The Driver Vehicle Agency (DVA) in Northern Ireland yesterday 'confessed' that it has lost the personal details of 6,000 people, admitting that two disks containing the information were sent unencrypted.
Brendan Magee, chief executive of the DVA said the lost data includes the vehicle keeper's name, address, registration mark of the vehicle, chassis number, make and colour.
It's another crushing blow to public confidence in government data security following the furore caused in November when records for 25m people were lost by HM Revenue and Customs after a junior official sent two disks unencrypted and by unregistered post.
Mike Debenham, executive director of policy and professional affairs at the CQI said:
'Risk-based decision-making is probably the most useful analytical tool in these circumstances as it not only ensures that correct decisions are made but it provides justification for the expenditure of resources should this be necessary.
'It would have identified the potential risks, such as the loss of data, and the consequential costs, for example the loss of reputation, damage limitation costs and measured these against the resources required to mitigate the risks.'
The CQI recommends that all public and private organisations dealing with sensitive electronic data:
- adopt the basic and proven principles of risk management and the appropriate quality tools
- train themselves to utilise ISO/IEC 17799, Information technology - Security techniques - a code of practice for information security management, which provides a framework to safeguard sensitive company information
Contact Robert Maddison at rmaddison@thecqi.org for more information or hi-res images.
##Ends##
Notes to editors
1. Contact Robert Maddison for any further enquiries:
T: 020 7245 8565
E: rmaddison@thecqi.org
The Chartered Quality Institute, 12 Grosvenor Crescent, London, SW1X 7EE
www.thecqi.org and www.irca.org
2. The CQI (previously the Institute of Quality Assurance) is the UK's leading not-for-profit body dedicated to ensuring the highest possible quality standards are achieved and maintained in all business sectors. The CQI exists to provide leadership, education and assessment in the field of quality in the UK and globally. The CQI's 11,000 members and IRCA's 14,000 certificated auditors are located in over 120 countries making it the leading international quality membership organisation and the largest international auditor certification body in the world.