Better safe than sorry
Ah nostalgia! It seems only yesterday that one couldn’t move in a railway carriage or in a bar without tripping over a laptop containing state secrets or slipping on a discarded disc containing the name, address and banking details of every UK child benefit claimant.
Now in these straitened times, when the chill wind of the credit crunch howls around the City and the BBC accounts department awaits Robert Pestons overtime claim with anxiety, its important that we dont forget our own responsibilities to data security.
Im sure that everybody reading this considers that they are fully on top of their responsibilities — but are you? Those with a sharp eye may have noticed a small article on the news in September about a well known market research company whose confidential medical records ended up poking out of council recycling skip.
In the course of an office move the wrong papers were given to the contractor and, instead of disposing of them sensibly in a shredder, they simply shoved them in the recycling along with all the old copies of Grazia and The Daily Mail. Of course the agency was appalled and the records were eventually destroyed but it goes to prove how easy it is to get caught out.
And what price customer lists provided by clients? These days theyre getting much better at password protecting the excel sheets they send over but still the odd list slips through unprotected. Do you automatically then add a password? I should say it probably isnt the first thought for many of us.
This isnt intended to be a lecture; few things are more dull than a spot of finger wagging in the trade press, but maybe now is a good time to check that data is being stored or disposed of securely.
The MRS has a useful Basic Guide to The Data Protection Act. Its never going to be nominated for the Bollinger Everyman Wodehouse Prize for Comic Writing but it contains all the information youll need to keep one step ahead of the legal requirements. With that at your side, apart from keeping on the right side of the law, the rest is really down to common sense and vigilance.
Destroy lists when theyre no longer needed, make sure that any recycling contractors actually shred documents rather than dumping them, encrypt where possible and dont leave your laptop on the train. Finally, imagine that it was your personal details that were being used for your project and then ask yourself if you would be happy with the way they were being handled. Just a thought.
MD, Safari Research Ltd
This article was first published in InBrief magazine, November 2008
Copyright © Association for Qualitative Research, 2008