Against a background of sensitive information leaks that had reached unprecedented levels, this briefing discussed the implications of lost laptops, insecure systems, mislaid discs and, more generally, the exposure of sensitive information. Loss of data which should have been secure has had wide-ranging consequences: for individual citizens, for businesses and for government in terms of personal and senstive data being compromised.
As in other areas of information security, organisations have often been reticent or slow to invest in encryption and other security defences until, that is, they have been hit by a problem.
In November 2007, against the backdrop of high profile data security incidents across a number of UK Government Departments, the Minister for Finance and Personnel announced a Northern Ireland Data Protection Review to assess the effectiveness of data protection measures in place in Northern Ireland and to establish that appropriate and proper systems of information management and control are in place and functioning properly.
Since the conclusion of that review, a number of actions have been taken to improve personal data handling in Northern Ireland. A key area of that work included raising awareness of the many data protection issues currently facing the public sector in Northern Ireland.
This briefing was designed to bring managers up to date, to discuss with them the latest thinking and more secure methods of holding and handling potentially sensitive information.