Click here to load reader
Upload
ashlyvic
View
24
Download
0
Embed Size (px)
DESCRIPTION
Firms practicing Data protection consultancy offer advice to their clients on how to protect their data and also how to avoid the risks that come with data insecurity.
Citation preview
Compiled from
Rigor Systems
http://rigorsystems.com
http://rigorsystems.com
Aspects available in Data Protection Consultancy
If you are a business owner or a company, then I believe that you really need to protect your
company or business information by seeking the services of data protection consultancy
firms. These firms are led by professionals in the field of data protection and they understand
the ethics of their work.
Being professionals in the field, they understand the laws that govern data protection and
will be able to offer guidance on how to safeguard your data without getting on the wrong
side of the law. They will help you assess the current state of compliance and also enable you
receive advice on how to improve your policies and procedures which will inturn help you
avoid the risks that come with data insecurity.
Aspects of data protection
1. Staff training
Data protection consultants will help you train your staff so that they can get to grips and
understand the importance of data protection. They will do in such a way that the staff will
understand and see it as a benefit to the business and not an extra task that they need to
take on.
By ensuring that your staff get appropriate initial and refresher Information Security training
so that they understand the potential risks to the business and training on their data
protection obligations will go a long way in helping you to meet your obligations under the
7th data protection principle.
http://rigorsystems.com
2. Internal policies and procedures
Every organisation should have its own internal policies and procedures. These policies and
procedures which involve monitoring individuals or the processing of the personal data will
not need to comply with the data protection act. A code of practice exists called the
Employment practices code of practice as well as supplemental guidance in the case of
employees the information commissioner has produced. Also available is a small business
quick guide.
In the case of a sole trader for instance it may not be appropriate to have a formal policy.
This is because the larger the organisation the more likely it is that a formal policy will be
required.
All organisations irrespective of the size should also have procedures in place for business
continuity and security incidents investigations. Depended on the size of the organisation it
may also be appropriate to have procedures covering the granting of access to systems or
system permission.
3. Records management
http://rigorsystems.com
Records management is the effective control of your records, throughout their life cycle, as
long as that information;
Is available when and where it is needed
Is stored in a well maintained environment
Is kept in an organised and efficient manner
Is destroyed in a timely fashion when it is redundant
Is available to meet any statutory and financial requirements (e.g. maintaining
evidence of and information about your business activities and transactions in the
form of records.)
4. Business continuity
Ask yourself if you would be able to carry on with your activities in the event that your
business caught fire, if there was damage to your stock, if one of your key personnel
suddenly fell sick or if your IT systems failed?
Whether you are a sole trader or a large multinational company having a tried and
tested business continuity plan which has details of the steps to be taken in the event of
an incident will go a long way to help your business continue to operate and recover
more quickly.
5. Information security
http://rigorsystems.com
Information security is a key component of data protection compliance and forms part of
a wider discipline known as information assurance.
It is recommended that a risk based approach to information security should be adopted
to ensure that the measures taken are appropriate to your organisation and the types of
data you are processing.
Well the above are some of the aspects of data protection consultancy which can help
you secure your business information.
http://rigorsystems.com
For more information please visit:
http://rigorsystems.com