Data loss by PA Consulting
Just some removable devices
The recent loss by PA Consulting of data about criminals in Britain raises many questions about data security and highlights the difficult of guaranteeing privacy and security of data. With the proliferation of portable storage devices, coupled with their increasing capacity and low cost, the challenges of maintaining data privacy and security are considerable.
I expect that PA signed all the necessary confidentiality agreements, security policies, data management policies, etc, when agreeing the contract with the Home Office. I expect that they also provided the necessary assurances to the client when negotiating the work. And I expect that the client took assurance from all of this. And yet, despite that, a significant breach of confidentiality and data security occurred, exposing both the contractor and the Home Office to being sued. So, if policies and procedures, signed declaration and undertakings aren’t adequate protections, what can a client do when engaging third parties, or, indeed, protecting data from disclosure by staff? Continue reading ‘Data loss by PA Consulting’ »
