Suppliers leaving themselves wide open to fines up to £500,000

BT subsidiary PlusNet is the latest company to admit it could have breached the Data Protection Act, facing a potential £500,000 fine, after it supplied data to a third party.

The BBC stated today that Amichai Shulman, chief technology officer of security firm Imperva, told them that the documents emerged not as the result of a security lapse, but following the corruption of their IT systems. “In the reconstruction process – which was probably done in haste – the archives with the sensitive data were copied to publicly accessible locations…. attackers immediately took advantage of that and downloaded them.”

A spokesperson for the Information Commissioner Office (ICO) told BBC News that there would be an ongoing investigation.

As more companies adopt the internet as a way of managing and transferring data, some are likely to find themselves at the wrong end of a major data breach – and substantial penalties.

Some companies don’t realise that data protection also relates to prospect data and those that use web-based prospect systems are potentially putting themselves at risk if the data provider uses an outsourced software company. Matthew Stone, Software Development Manager at Insight Data, elaborates; “most reputable suppliers of prospect data will have their own software and IT team to manage data, ensuring data is backed up and stored safely. However, some data suppliers use a third party software company which, while saving significant costs, is putting their customers at serious risk because the third party has full access to the customers data potentially breaching every data protection rule going.”

With news that Business Link has advised companies to credit check their CRM database suppliers (http://bit.ly/9KT2nX) the potential risk of dealing with a data supplier that uses a third party software company are greatly multiplied – if either one of them goes bust customers could end up loosing all their customer and prospect data as well as facing prosecution for breaches of data protection.

Insight Data is the only supplier of prospect data in the fenestration and building industry to manage data in-house with its own software and IT team, protecting clients and ensuring data is not made available to third parties.

For more information visit www.insightdata.co.uk, email info@insightdata.co.uk or call 01934 808293.

Follow us on www.twitter.com/insightdata