The ICO has published a new guide for small and medium sized businesses. The guidance provides a series of clear and practical steps which businesses can take to help make their IT systems safe and secure.
The guide includes a checklist, as well as more detailed advice on securing data on the move; keeping systems up to date; keeping an eye out for problems; knowing what you should be doing; and minimising the data you keep.
Welcoming the guidance, Mike Cherry, Policy Chairman at the Federation of Small Businesses, said:
“Good IT and data security should be part and parcel of good business practice and businesses should think about the simple steps that they can put in place to achieve this. The guidance should help businesses do this.”
With the ICO already having served monetary penalties totalling over £2 million to organisations that have failed to keep personal data secure including the three recent fines on Brighton and Sussex University NHS Trust (£325,000), Telford and Wrekin Council (£90,000) and Belfast Health and Social Care Trust (£225,000), the Information Commissioner, Christopher Graham, has reminded businesses that:
“Following this guidance is not just about minimising risk. Businesses that prioritise the safety of their customers’ personal data will have a real competitive advantage.”
Copies of the guide are now available – free of charge – on the publications page of the ICO website.