KPMG warns of data protection crisis

KPMG has warned both public and private
sector organisations that they are facing a data protection crisis that will
affect the way they store paper-based files.

The firm issued this warning because the ‘Transitional Relief’ exemption that
applied to files created prior to the
Protection Act 1998
(DPA) will come to an end in six months’ time.

It said organisations with significant amounts of paper based records will
struggle to comply with simple requests from members of the public who want to
know who has access to their personal data, whether it is accurate, and gain
confirmation that it is stored securely.

Failure to supply this information within 40 days will breach the DPA and
could damage the organisation’s reputation.

‘At a time when identify theft is a growing problem, custodians of our
personal information hold a position of trust,’ says Steve Kenny, privacy
services leader with KPMG.

‘We are concerned that many organisations have not grasped the potential
scale of this problem. Companies need to understand very quickly how exposed
they are, before the relief period comes to an end. Worryingly, many internal
audit and compliance functions may have let this slip off the radar.’

Further reading:

Heads in the sand over fraud

Accounting: The key to data

Technology: no time to waste

Related reading