Amicus ITS released its latest straw poll of staff views from their Totton Headquarters, regarding data security. This follows the spate of cyber security breaches reported in recent months in the news. Overseeing the latest poll, Head of Technology & Governance, JP Norman commissioned his Security & Compliance department to check with staff on the following two issues:
Q1 Staff were asked firstly, what they would do if a retail organisation (ie. Bank insurance, retailer) lost their personal identifiable data information (including financial data).
96% of Amicus ITS staff said it would cause a complete loss of trust and influence them to stop using that organisation again, whilst 4% said they were undecided.
Q2 The second data security question put to staff, asked whether they would consider removing or withhold an organisation’s right to their data, if personal identifiable information was lost by a Public Sector organisation, institute or employer including healthcare records, employment or financial data.
In this response, 89% of staff said they would consider withholding their data.
The higher return in Q1 suggests a greater confidence and sense of control felt by people in moving an account, or simply voting with their feet commercially by not transacting again with that breached organisation.
The second result is pretty much as anticipated, with a perhaps more wary approach to withholding information (say from a GP or hospital), even though people have the entitlement to do so through the Data Protection Act 1988.
As reported in our blog of 28th May, the growing awareness of the potential frailty of large organisations without good data control, tight security policies and fast response teams, may see a change demanded by the public, unless the organisation takes a proactive stance.
With the value of healthcare records considerably higher due to the volume of personal information they contain including Social Security numbers and insurance details, the worrying realisation is that there is a very real possibility of fraud against an individual or false record creation 10-15 years down the line.
There are a number of checks that people can request to verify how their PII data is handled which we will cover in future weeks.