The financial data divide: regulations are not having the desired effect

As increasing numbers of businesses and individuals manage their finances on mobiles and online, the need for stringent financial data protection laws is more pressing than ever before.

According to new data – obtained by Artmotion via a freedom of information request –  over the last five years 14,000 data protection complaints were made against the financial sector in the UK, including several directed at Barclays, HSBC, Lloyds and Nationwide.

More than a quarter of these complaints were made in relation to the security of data or the unlawful disclosure of data. The data, provided by the Information Commissioner’s Office (ICO), also shows that the financial sector received more complaints than any other industry in the UK over the same time period.

Despite this, less than 0.1% of those complaints have resulted in criminal prosecutions, and less than 0.5% have led to any enforcement action on the part of the ICO.

>See also: Five things you need to know about the proposed EU General Data Protection Regulation

These findings suggest that the current data protection regulations are not tough enough to enable enforcement agencies to deliver real protection for the data held by financial organisations.

Globally, the UK currently ranks just behind the US for data breaches. What differs between the two nations is that whereas in the US laws and regulations force organisations to admit when their data breaches impact upon customers, it seems that the UK, and perhaps even the EU for that matter, are unable to provide adequate government protections or meaningful enforcement for breaches.

This is especially troubling as, in the financial sector, data protection is of even higher significance than in other areas. The financial services industry has a responsibility to ensure that the personal information they manage is protected in a highly secure way.

Strong encryption and data security should be vital parts of an organisation’s core business strategy – both in terms of defending their customers’ rights, and in protecting their own corporate assets.

At the end of the day, privacy is a right. Customers want it and businesses should want to provide it. The only question for IT departments is – how?

The advantage today is that as data hosting becomes less and less dependent on physical location, organisations are increasingly given free reign to store their data wherever they choose.

This means that – through sensible hosting decisions – businesses can start to regain control of their data security. This freedom means that organisations can choose to host data exclusively in high-security data centres, without the constraint of where that data centre is based.

In addition, businesses can also choose to move their data to countries where individual privacy is taken seriously and governed by stronger legislation.

When it comes to highly sensitive financial information the fact is that, for many organisations, data privacy is better served by moving their data hosting to countries outside the UK and even outside the EU.

Countries such as Switzerland have far stronger regulations when it comes to data privacy and security and can offer more comprehensive protection in high-security data centres, offering the latest encryption technologies and dedicated servers.

 

Sourced from Mateo Meire, CEO, Artmotion

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data