Data security - responding to information requests

The nightmare security scenario

In April 2018, a London council received a hefty six-figure fine for a breach of personal data. The council had accidentally, but nevertheless unlawfully, identified 943 people who owned vacant properties in its London borough to three journalists.

The breach occurred when three journalists requested statistical information under the Freedom of Information Act 2000 (FOIA). The request for statistical information was valid. What the council returned to the journalists, however, was inappropriate.

The stats had been derived from source information in an Excel file, and the response had also been sent as an Excel file. A pivot table had been used to extract the required data, but because the Excel file hadn’t been sanitized before it was sent, all the source information became available to the journalists.

Hey presto - a breach of personal data and a mistake that’s costly, but exceptionally easy to make.

The solution

When responding to Information Requests, only the minimal data set required should be sent to the requesting party. The data set can be minimized by removing all metadata and converting the documents to a non-editable format such as PDF. Had the council discussed above taken its Excel file and converted it to PDF, it wouldn’t have had the data breach and it wouldn’t have had the six-figure fine.
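As an added illustration (not code from this page or from any product it names), the Python sketch below inspects an .xlsx package before release for the places where source data and metadata persist: pivot-cache records, hidden sheets and author properties. It goes slightly beyond the pivot-table case described above; the function names and the sample workbook are constructed for this example.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = {"m": "http://schemas.openxmlformats.org/spreadsheetml/2006/main"}
CP = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
DC = "http://purl.org/dc/elements/1.1/"

def audit_xlsx(data: bytes) -> list:
    """Return the reasons this .xlsx should not be released as-is."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        for n in names:  # pivot tables cache a copy of their source rows
            if n.startswith("xl/pivotCache/pivotCacheRecords"):
                rows = ET.fromstring(z.read(n)).findall("m:r", NS)
                findings.append(f"pivot cache {n}: {len(rows)} source rows")
        if "xl/workbook.xml" in names:  # hidden sheets still ship in the file
            wb = ET.fromstring(z.read("xl/workbook.xml"))
            for s in wb.findall("m:sheets/m:sheet", NS):
                if s.get("state") in ("hidden", "veryHidden"):
                    findings.append(f"hidden sheet: {s.get('name')}")
        if "docProps/core.xml" in names:  # author-identifying properties
            for el in ET.fromstring(z.read("docProps/core.xml")):
                tag = el.tag.rsplit("}", 1)[-1]
                if tag in ("creator", "lastModifiedBy") and (el.text or "").strip():
                    findings.append(f"metadata {tag}: {el.text.strip()}")
    return findings

def build_sample(raw: bool) -> bytes:
    """Constructed minimal package for the demo, not a complete workbook."""
    m, buf = NS["m"], io.BytesIO()
    hidden = '<sheet name="Source" sheetId="2" state="hidden"/>' if raw else ""
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("xl/workbook.xml", f'<workbook xmlns="{m}"><sheets>'
                   f'<sheet name="Summary" sheetId="1"/>{hidden}</sheets></workbook>')
        if raw:
            z.writestr("xl/pivotCache/pivotCacheRecords1.xml",
                       f'<pivotCacheRecords xmlns="{m}" count="2">'
                       '<r><s v="Owner A"/></r><r><s v="Owner B"/></r>'
                       '</pivotCacheRecords>')
            z.writestr("docProps/core.xml",
                       f'<cp:coreProperties xmlns:cp="{CP}" xmlns:dc="{DC}">'
                       '<dc:creator>Officer X</dc:creator></cp:coreProperties>')
    return buf.getvalue()

if __name__ == "__main__":
    for label, raw in (("raw workbook", True), ("values-only copy", False)):
        issues = audit_xlsx(build_sample(raw))
        print(label, "-> BLOCK" if issues else "-> OK", issues)
```

A non-empty result is a reason to hold the attachment until it has been flattened or converted.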

Establishing a content policy

Yes, the person responding to the request for information could have taken the document they prepared and converted it to a non-editable format such as PDF. However, this is still prone to human error – people are busy, and people get stressed, so people forget.

It’s much easier and more fail-safe to use a solution like Workshare Protect Server.

The action for this council here - or anyone else vulnerable to the scenario - would have been to set up a default email policy operating from their email server for the team who respond to FOI requests. This default policy could automatically remove all metadata on outgoing email attachments and convert them all to PDF format, effectively flattening the data, so there is nothing else for prying eyes to dig into.

Another option would be to have an organization-wide FOI password assigned to documents, which would further strengthen the protection of the information contained within them.
