Data security tips

  • For a good source of advice in plain English on security go to the government and business sponsored website getsafeonline.org.
  • For computer security:
  • Install a firewall and virus checking on your computers.
  • Consider upgrading your operating system
  • Protect your computer by downloading the latest patches or security updates,  which should cover vulnerabilities
  • Only allow your staff access to the information they need to do their job and don’t let them share passwords 
  • Encrypt any personal information held electronically if it will cause  damage or distress if it is lost or stolen
  • Take regular back ups of the information on your computer system and keep them in a separate place so that if you lose your computers, you don’t lose the information
  • Don’t dispose of old computers until all the personal information on them has been securely removed (by using technology or destroying the hard disk)
  • Consider installing anti-spyware. This protects against software that can be secretly installed on your computers. It can monitor use, look for private information or even give someone else control of your computer.

     
  • For other security:
  • Shred all your confidential paper waste.
  • Check the physical security of your premises.
  • Train your staff:
    • so they know what is expected of them
    • to be wary of people who may try and trick them into giving out personal details
    • that they can be prosecuted if they deliberately give out personal details without permission
    • to use a strong password - these are long (at least 7 characters) and have a combination of upper and lower case letters, numbers and the special keyboard characters like the asterisk or currency symbols
    • not to send offensive emails about other people, their private lives or anything else that could bring your organisation into disrepute
    • not to believe emails that appear to come from your bank that ask for your account, credit card details or your password (a bank would never ask for this information in this way)
    • not to open spam – not even to ask for no more mailings. Tell them to delete the email and either get spam filters on your computers or use an email provider that offers this service

You can find more information about data security on our topic page titled Our approach to encryption , and for further guidance please read our Good Practice Note regarding Security of personal information.

Related downloads

Our approach to encryption

View the document library

FAQs

Read all our FAQs