IT Outsourcing Highlights Demands of Data Protection Act
A staggering 44 per cent of senior IT decision makers are said to be risking prosecution under the Data Protection Act (DPA) by using live customer data to test applications.
Jul 04, 2006
Using data for any purpose other than that for which it was compiled is strictly forbidden under the DPA, but research from Vanson Bourne indicates that many people remain oblivious to this stipulation.
Furthermore, 48 per cent of senior IT decision makers claim that they are only "vaguely familiar" with the Act, despite the fact that it has now been in place for around eight years. Vanson Bourne points out that this is particularly surprising given the number of high-profile security lapses in recent years – many of which have resulted in huge financial problems for the companies involved.
"Companies have had plenty of time to understand and implement robust data privacy measures since the Act was introduced eight years ago," said Ian Clarke, world wide enterprise solutions director, for Compuware.
"Unless they have rigorous procedures in place, they run the risk of live data being leaked to third parties. This can have severe repercussions on customer confidence and company reputation, and ultimately affect the bottom line," he added.
As the popularity of IT outsourcing continues to soar in the UK, a strong understanding of how to use customer data has become all the more important. IT outsourcing allows businesses to cut costs and drive business growth, but there are a number of issues relating to the DPA that need to be managed carefully.
The new report suggests that businesses can disguise the live data as a means of staying on the right side of the DPA.
"By exchanging known values, such as addresses, with other known values, customer data can be transformed so that it is unrecognisable from the original but can still be processed by the systems across the organisation, with important fields, such as postcode, left intact," it concludes.
Furthermore, 48 per cent of senior IT decision makers claim that they are only "vaguely familiar" with the Act, despite the fact that it has now been in place for around eight years. Vanson Bourne points out that this is particularly surprising given the number of high-profile security lapses in recent years – many of which have resulted in huge financial problems for the companies involved.
"Companies have had plenty of time to understand and implement robust data privacy measures since the Act was introduced eight years ago," said Ian Clarke, world wide enterprise solutions director, for Compuware.
"Unless they have rigorous procedures in place, they run the risk of live data being leaked to third parties. This can have severe repercussions on customer confidence and company reputation, and ultimately affect the bottom line," he added.
As the popularity of IT outsourcing continues to soar in the UK, a strong understanding of how to use customer data has become all the more important. IT outsourcing allows businesses to cut costs and drive business growth, but there are a number of issues relating to the DPA that need to be managed carefully.
The new report suggests that businesses can disguise the live data as a means of staying on the right side of the DPA.
"By exchanging known values, such as addresses, with other known values, customer data can be transformed so that it is unrecognisable from the original but can still be processed by the systems across the organisation, with important fields, such as postcode, left intact," it concludes.