This month we are here to share some terrifying tales of what happened when data destruction went wrong.
Secure data destruction should be a key part of a document management process. All too often businesses leave it to chance and could therefore be just minutes away from featuring in their own horror story about customer data getting into the wrong hands.
So with that in mind, are you sitting comfortably and ready for some real life stories that will keep you awake at night thinking about whether or not you disposed of your data correctly?
Horror in a Hospital
If there’s one type of documentation you need to destroy securely it is personal and sensitive information; but for the victims of this data disposal disaster that wasn’t the case. In 2012 Brighton and Sussex University Hospitals NHS Foundation Trust attempted to dispose of 1,000 computer hard drives containing sensitive sexual health and staff data. Their negligence resulted in 252 of the drives being sold on an internet auction site, data intact.
The cause; a series of contractors subbing the work to each other. The result; a destruction process with no overall control or audit trail.
The punishment for this hospital horror was a £325,000 fine, which as of 2012 was the highest ever fine issued by the UK ICO.
As a parent how would you feel if documents about your child weren’t properly managed by their school?
Portland Aldridge Community Academy had been using a shredding service offered by Portland Young Offenders Institution. The prisoners destroy non-sensitive documents to produce flammable briquettes out of shredded waste.
A procedure failure meant that the Academy faced the consequences from parents and official channels when documents containing school trip details were not properly shredded and subsequently destroyed.
Thankfully in this case nothing resulted from the lack of proper process, but surely any and all documents from schools should be treated as sensitive and managed by data management experts.
Unlike Leatherface, the classic villain from the Texas Chainsaw Massacre, who’s weapon of choice was a chainsaw; this modern day villain uses a different type of hacking to commit his or her crime, computer hacking.
Nowadays there are many ways to prevent personal and confidential data being hacked but unfortunately for the customers of high street and online shoe retailer, Office, a lack of security measures in the disposal of an outdated database left personal data easily accessible to the pesky fingers of a hacker.
The data which included, customers’ contact details and website passwords, was left on an unencrypted database that was due to be decommissioned. The database wasn’t correctly disposed of leaving the personal data of over 1 million customers easily accessible.
How are you feeling about your data management processes now?
At Scan Film or Store we want to make sure that you don’t become a character in your very own horror story.
So if you are concerned that your document management procedures have the potential to form the plot of the next horror blockbuster get in touch.
We can review what you currently do and give expert advice on confidential shredding, hard drive data disposal, or permanent destruction of CD, DVDS or microfilm.
It’s a bespoke and horror free service – just call 0800 008 7229 to find out how we could help.