Categories
Backup and Storage

Charities ‘more susceptible’ to data breaches

ICO releases tips designed to help charities step up the security of their systems

Charities and third sector organisations are potentially at greater risk of suffering a serious data breach than their private sector counterparts due to the nature of the information they handle, according to the Information Commissioner’s Office (ICO).

With everything from people’s medical records to dates of birth and financial details processed by such bodies – coupled with the fact that they often can’t afford to employ staff dedicated to properly securing their data – the ICO has suggested that more needs to be done to support their efforts to protect sensitive files.

So in order to ensure charities do not find themselves victims of cyber attacks, the ICO has released a series of guidelines that can help organisations improve the efficiency of their systems and guard against potential breaches effectively.

"We are aware that charities are often handling extremely sensitive information relating to the health and wellbeing of vulnerable people," said Louise Byers, head of good practice at the ICO.

"We have published today’s top five areas for improvement to show the voluntary and charity sector that good data protection practices can be cheap and easy to introduce."

Indeed, given the legal and financial implications of breaching the Data Protection Act, it is particularly important that charities avoid such incidents in order to ensure they can dedicate funds to their cause without having to pay extensive fines.

Chief among the ICO’s tips is that charities and third sector organisations need to make certain staff are sufficiently trained, as well as ensuring that people know what their personal details are being used for.

And whether it’s with secure electronic document storage or through encrypting files with complex passwords, there are a wide range of ways that the security of IT systems can be improved, enhancing a charity’s data protection credentials and avoiding substantial costs.