Victim support charities' data 'not being adequately protected', says information regulator

26 Jan 2015 News

Charities associated with the Victims Services Alliance (VSA) must take more steps to comply with data protection requirements, according to a report by the Information Commissioner’s Office (ICO).

Data protection

Charities associated with the Victims Services Alliance (VSA) must take more steps to comply with data protection requirements, according to a report by the Information Commissioner’s Office (ICO).

The report follows a study of five of the 69 charities and voluntary groups that make up the VSA. It found that although staff showed good awareness of the requirement to keep data safe, member organisations faced a “unique challenge”, due in part to the high volume of temporary staff and volunteers.

The study found cases where USB sticks and personal computers were "not being adequately protected" and recommends a number of ways for VSA organisations to bring working practices in line with the Data Protection Act.

Measures include the appointment of a "data controller" - a staff member responsible for the security of personal information - and the implementation of a formal remote working policy “to ensure personal information continues to be handled correctly outside of the office”.

Portable and mobile devices being used to process personal information, “must use approved encryption software”, the report said.

The study also found examples where sensitive information was "archived in the loft of employee private premises" and where “information was being retained for longer than necessary”.

Some 11 per cent of manual records and 15 per cent of electronic records are “held indefinitely”, in “breach of the 5th principle of the Data Protection Act”, the report said.

ICO good practice group manager for the criminal and justice sector, Victoria Heath, said: “Members of the Victims Services Alliance face a difficult challenge when it comes to looking after personal information. They often rely on a regular stream of volunteers to provide support to the victims they care for, while handling sensitive details relating to the abuse or mistreatment of vulnerable people.

“This creates a unique challenge and one we are pleased to say many organisations are meeting. Nevertheless, there are still a number of areas where organisations could be doing more to keep people’s information secure.”

The survey examined data protection practices of five of the 69 VSA member organisation and the results of a data protection survey responded to by 27 representatives from other VSA members.

Emily Corfe

591 articles

Victim support charities' data 'not being adequately protected', says information regulator

Emily Corfe

Commission removes refugee charities’ trustee details amid ‘far-right’ threat

Cancer Research UK tops YouGov’s charity brand rankings

Heritage charity has bank accounts frozen as gift from former trustee investigated

Hedgehog charity raises £30,000 in bid to survive after loss of shop

National Trust among charities to warn government over new consumer rights rules

Regulator investigates financial concerns at supported housing charity

National Trust among charities to warn government over new consumer rights rules

Commission removes refugee charities’ trustee details amid ‘far-right’ threat

CAF Bank offers £25 payments to charities complaining about new service

Grantmaker warns proposed cuts to London councils’ funding could impact charities

Search

Browse

Topics

Communications

Finance

Fundraising

Governance & Leadership

Policy & politics

Technology

The Charity Awards