10th March, 2010, Newbury, UK. New Data Protection Act powers coming into force on April 6th will mean Trustees need to evaluate the ways in which they handle data and will have to consider whether email is a suitable method for transmitting personal data. The new law is designed to prevent any data breaches from occurring and allows the Information Commissioner’s Office (ICO) to fine Trustees up to £500,000 for serious offences.
Many Trustee boards still use email to transmit sensitive information, yet email does not provide security for this type of data. Not only do they send board packs via email but often personal data for Trustee decisions is also issued in this way.
“We have known for a long time that email is an insecure way to transmit data. Yet many Trustee boards still use email to distribute sensitive, personal information such as death in service cases and ill health retirement information to remote Trustees” says Alister Esam, CEO of eShare. “Schemes that use eShare are already compliant with this aspect of the Data Protection Act.”
If data breaches do occur, the ICO will take into consideration what measures were in place to avoid breaches. The clear solution is to use professional secure server technology run by people who specialise in dealing with these systems. This allows Trustees to access all necessary information in one secure location without the need to transfer, and store locally, sensitive data.
“The new laws will mean that Trustees have to embrace technology to protect their members’ data” says Esam, “The outcome will be the use of secure governance software by all boards going forward and this is going to mean better governance generally as boards are forced to engage with all the other benefits governance software delivers.“
END