Simon Clayton: Take out the papers and the trash

Simon ClaytonReftechData protection
Stock-phone-new-resized.jpg

Simon Clayton, chief ideas officer at RefTech, on the importance of ensuring sensitive data is deleted completely.

 

We live in a busy world, and the transient nature of our industry can mean that we are quick to move on to our next event. But before moving on, it’s worth making sure that your policies and procedures include tying up some loose ends.

 

It can be tempting to keep registration data indefinitely because you never know when you may need it, but the more data you have stored, the more likely you are to be hacked – especially if it is spread out on multiple servers. If you keep data longer than you need it, you will also be in breach of data protection laws, so make sure you have a data deletion policy and that you stick to it.

 

When you do delete data, ensure it is done properly. Last month Blancco Technology Group purchased 200 second-hand hard disk drives from websites (including eBay) and found that two thirds (67 per cent) contained personally identifiable information and 11 per cent contained sensitive company information, including social security numbers, CVs, company emails, CRM records, spreadsheets containing sales projections and product inventories.

 

Two in five of the drives (36 per cent) did show evidence of an attempt to delete data (either by dragging files to the Recycle Bin or using the delete button) – but data can be easily recoverable so this information was still available to see by anyone who had just a smidgen of technical knowledge. Out of the 200 hard drives only 10 per cent had done the right thing and had a secure data erasure method performed on them.

 

To avoid this scenario, use a professional data processing company and ask them to confirm in writing that your data has either been deleted or ’put beyond use’. Deletion must mean that the data genuinely no longer exists. It should not have been dragged to the trash, remain visible behind a URL, or reside on cloud storage as part of the organisers’ archive.

 

The concept of data being put beyond use covers situations where, for example, data on physical media has been deleted and overwritten with new data, or paper files are in a secure warehouse awaiting shredding. Put beyond use means no one outside the data controller has access to the data, and no one, including the data controller, is actually processing it. If a data processor failed to delete your data as promised, having written evidence that you believed in good faith that your data had been deleted or put beyond use would afford you some protection.

 

Back ups are another issue to think about. Most companies back up their data – so even if data has been deleted, it may still be available via the company’s back up system. Data theft from backups is almost always the result of preventable human error. In 2007, HMRC famously lost two CD-ROMs containing the backup data of all UK families claiming child benefit.

 

The records contained information on an estimated 25 million individuals - nearly half of the UK’s population. The CDs were sent through HMRC’s internal courier service without proper encryption and using only easily broken password protection. While the CDs were never located and the data apparently never compromised, the damage was done. Every family in the UK had to be put on fraud alert.

 

HMRC’s internal data protection manual, at the time of the 2007 data breach, was restricted to civil servants; the junior staff who, as in any organisation, did the actual grunt work had only been given slogans about respecting confidentiality.

 

So have a data deletion policy and ensure that all of your events staff, including zero-hours contractors and volunteers, have training on your data protection procedures.

 

For more information and advice on data protection within the events industry, download our free white paper:

 

www.eventreference.com/promo-www/datasafety/download.php

 

 

Simon Clayton
Posted by Simon Clayton
PopularComments
Twitter Facebook Google+ LinkedIn

Related Stories

Others on EN

Good practice with data

Good practice with data

Simon Clayton, chief ideas officer at RefTech, on being open, transparent, and accurate about what you are doing with the data you handle.
Beware of the punter

Beware of the punter

Trevor Punt, managing director of TBG Group, on the rise of the stereotypical punter and the need for nerves of steel.
Peer to peer

Peer to peer

Will Broadfoot, director of Footfall Events & Marketing on unlocking exhibitor potential and improving participation.

WATCH THE EN AWARDS 2016 HIGHLIGHTS


silverstream.tv

Most Read Stories

Lourda Derry: Making the connection

Lourda Derry: Making the connection

Lourda Derry, director of Easyfairs UK addresses the science behind operations and the profile of our audiences.
Steve Monnington: The Dealmaker in March

Steve Monnington: The Dealmaker in March

Steve Monnington of Mayfield Media Strategies, runs the rule over the latest global exhibition deals.
Helen Lowe: Marketing déjà vu

Helen Lowe: Marketing déjà vu

Helen Lowe, events and marketing manager at Europa International, talks about the importance of keeping up with the creativity amidst the chaos.

Latest News

Revenue rise for Ascential since IPO

Revenue rise for Ascential since IPO

Events and publishing group Ascential plc has had a ’a good year with strong organic growth’, driven by the launch of new products.
Record breaking 2016 for Event Marketing Solutions

Record breaking 2016 for Event Marketing Solutions

Global roadshow specialist Event Marketing Solutions (EMS) has announced a record-breaking financial year, with profits reaching £1.04m for the year ending December 2016.
VisitBritain launches new Business Events @ExploreGB event

VisitBritain launches new Business Events @ExploreGB event

VisitBritain has announced the launch of a one-day event, to promote Britain as a business events destination to international buyers.

Latest Features

Come to Confex and be inspired

Come to Confex and be inspired

The exhibition and events industry is all about the power of face-to-face, the art of exhibiting and networking with old friends and new, which is why EN would like to personally invite you to attend International Confex to learn more.
When is the right time?

When is the right time?

It’s all very well having a successful show, but how do UK exhibition organisers replicate their success across the country and overseas? Three event profs share their experiences
Stand and deliver

Stand and deliver

When it comes to exhibition stands, the only limits are the exhibitor’s imagination (and floor space and budget), three stand building firms tell EN.

Latest Galleries

100% Optical 2017

100% Optical 2017

More than 8,000 visitors arrived at ExCeL London on 4-6 February for the fourth edition of 100% Optical. The show featured more than 175,000 frames, catwalk performances and a comprehensive education programme.
Cumbria Flood Expo 2017

Cumbria Flood Expo 2017

The inaugural Cumbria Flood Expo, organised by flood emergency response charity CERT UK, took place on 2-3 February at Carlisle Racecourse.
Mexia Communications at 10

Mexia Communications at 10

PR and content marketing agency Mexia Communications celebrated its 10th anniversary with a Mexican Fiesta at the Royal College of Physicians on 26 January.