Print
Send to friend
RSS feedsAs yet more companies own up to large-scale losses of personal data, a survey has found that the risk of confidential data being lost or stolen is 43% higher when it is outsourced rather than held in-house.
Paul Bates, managing director of customer relationship management business StrongMail UK, commissioned the study by research company Ponemon of data losses by outsourcers following a similar US-based study.
Almost two-thirds (61%) of the businesses surveyed admitted the loss or theft of customer data over the past two years. In 90% of these cases, the loss or theft went unreported to the authorities because the organisations either did not realise they were required to under the Data Protection Act or did not know who to inform.
“Most companies outsource email marketing and give their database to third parties to send out emails on their behalf,” said Bates. “We wanted to get a flavour of the behaviour of the marketing and data people within the companies. Some people are cowboys and show a complete disrespect and disregard for data.”
A fifth of respondents said they handed over customer financial information such as credit card details so that outsourcers could manage transactional processes.
“We have found companies that have handed over to third parties customer details that included religion and ethnicity data,” said Bates.
Butler Group analyst Roy Illsley said there would be a strong drive towards data accountability and tracking over the next 12 months, backed by emerging IT solutions.
“Given the recent problems with data going missing laptops being left on trains and such like I think that you might be looking at certain sectors wanting to identify people [who have access to confidential data].”
The latest security breaches include the loss of a computer hard drive by third-party IT supplier EDS, containing the personal details of about 100,000 members of the armed forces, and the loss of Vodafone and Network Rail staff data by financial services firm Deloitte.
An Information Commissioner’s Office spokesperson said: “The MoD has informed us about a loss of personal information. It has commenced an investigation into this matter and will report the findings of its investigation in due course.”
The spokesperson added: “Any organisation that fails to treat personal information securely risks losing the confidence and trust of staff and members of the public. Our research shows that over half of individuals no longer have confidence in the way organisations such as banks, local authorities and government departments handle their personal data.”
