The recent incident surrounding a local Police Constabulary’s mishandling of personal information at one of its local stations, and their subsequent financial penalty from the ICO, got me thinking in general terms about the importance of taking control of the information governance aspects of any organisation, be it in the public or the private sector.
Recent data breaches across various organisations beg the question – Why have these management teams waited until the horse has bolted before trying to close the stable door?
To borrow an analogy from Howard Bluff – “It wasn’t raining when Noah built the Ark.” These 8 words succinctly emphasise the importance of planning for, and taking the necessary steps against, impending catastrophes which can have significantly damaging impacts on an organisation’s reputation and perhaps just as importantly from a shareholders’ perspective, have huge consequences on the bottom line.
Many organisations in both the private and public sectors feel they have the procedures in place to mitigate any potential risk to their organisation in the broadest of terms. However, it is at a people level, that these data breaches occur.
Many of these organisations have left themselves open to breaches through their low priority policing of their policies and directives. Resolving the people issue is really hard and thats why we see regular challenges around this area in all organisations.
The irony is that most organisations who hire those top candidates based on their “proactive” characteristics, in fact adopt a completely “reactive” approach to information governance, perhaps the most important aspect of their business.
Information Governance has to become part of the business as usual aspect of every staff members day to day job.
Business Development Executive @MetaCompliance