Our most recent blog explored the basics of PST files and puts the question to HR and legal teams on whether they should have a greater appreciation of personal data storage practices within their respective companies. Furthermore, it demands the answer of whether they are challenging their IT departments enough?
If an investigation was brought forward by the ICO, would your company be secure? Would you be at risk of a large fine?
Below gives further reason as to why your IT Departments lack of response to PST files may put your whole company at risk.
Large monetary fines. First and foremost, as discussed in this article for IT managers, PST files jeopardise a company’s ability to be compliant with data protection laws, such as the ability to provide consumers with a concise and full report of the information you hold on them following a Subject Access Request. The simple cause of this inability is the fact that PST files make it near impossible for all data to be collated and referenced. A result of such is that formal complaints from consumers may and will be made leading to potential investigation by governing bodies such as the ICO who often impose a large fine.
Loss of consumer confidence. Moreover, data breaches caused by PST files can also damage a company’s reputation and bring about a decline in consumer confidence overnight. An example of this is the recent case brought against British Airways by the ICO for a mass data breach in September 2018 affecting over 500,000 customers. Whilst a large fine is being imposed, BA are also set to be impacted with a decrease in consumer confidence and trust. Would your company be able to recover from a similar incident and would your customers understand?
Confidential information loss. Finally, a notable reason as to why you may want to start to question your IT managers around their use of PST files is down to the high risk it carries around a loss or leak of confidential information. Often, without thought or knowledge, employees within in a company might save or make copies of personal and confidential information within PST files. How would your company be affected if confidential information was leaked? Legal and HR managers, are you prepared for confidential information loss? View our recent scenario guide (link to scenario guide) to understand how PST files may lead to companywide confidential information, such as employee salaries leaked.
Therefore, we urge you to further your work and really question whether your business is safe and secure. Are you challenging your IT managers enough around personal data management?
Our next blog what can be done to prevent the dangers of PST files and limit business exposure from a HR & Legal perspective.