As a charity, you may feel that you are safe from malefactors; after all surely no one would target a charitable organisation. This mind set, paired with the fact that many charities store a huge amount of information about vulnerable people seems like a recipe for disaster, and it is. Therefore it is obvious that the data protection of charities is extremely important, yet also extremely (and unnecessarily) neglected. Because of the nature of the information that charities store, it is unsurprising that the government do their best to encourage its protection. However, when the charities fail to do so, penalties of up to £500,000 are de rigueur.
Last year “Asperger’s Children and Carers Together”, (a Sheffield-based support group for children and families affected by Asperger’s syndrome), were subject to a breach of the data laws after a laptop containing personal data on 80 children was stolen from an employee’s home in December. This data included: names, addresses, dates of birth and medical information. Issues like this could have been easily avoided by simple encryption of data, saving time, a potential fine, and most importantly, a great deal of distress for those involved.
“Lawrence Simanowitz, a lawyer at the firm Bates Wells and Braithwaite, said 350 complaints had been made against charities in the past four years.” However “Traditionally, the Information Commissioner has taken quite a mild approach to charities.” Although this means that “The next time the response might be more serious, particularly if the information had been used to cause damage." In a world where an increasing amount of information is stored as data, charities and companies will be expected to protect their data, in the same way they would protect physical files, and it is becoming clear, that the past tolerance is now growing thin, as the education and information in the data protection field increases. However, the answer is not to restrict all data, as it still needs to be accessed. A balancing act must be found between “restrictions with flexible access to systems and data which means you can access what you need from anywhere”.
Dave Everitt, general manager of EMEA for Absolute Software has said that “often organisations aren't worried about the £400 it would cost to replace a laptop, but the data held on it can cost the organisation a lot more.” Charities in particular need to be extra vigilant as they will hold lots of highly confidential information about vulnerable individuals. Not only is there a direct effect on individuals, the charity itself will also suffer due to the time it will take to recreate the data, and the impact that a security breech will have on an organisation’s reputation.
A lot of charities in the past have put off data protection, and have become victims in completely avoidable situations. This field of IT seems completely alien to a lot of people, however, there is help out there. Data Defender is a company which is offering charities advice and protection for their data.
Due to the importance and vulnerability of charities systems they are offering to waive their consultancy and installation hourly charges to the first five free calls from small to medium registered charities in Central London and around, which could just stop your charity becoming the next victim.