Morrisons Lose Data theft appeal

A recent ruling has made Morrisons vicariously liable for the rogue behaviour of an employee who stole over 100,000 employee payroll records. Andrew Skelton was a senior auditor for Morrisons at the time of the data breach.  He had recently been officially warned about using corporate mailroom facilities for sending personal ebay packages. Mr Skelton was sentenced to eight years imprisonment in July of this year for the data breach. A couple of interesting points stand out from this landmark judgement, which went all the way to the UK Court of Appeal, where the original ruling was upheld against Morrisons: Firstly, the intent of the records theft was irrelevant - it didn't matter whether the motive was personal gain for the data thief, or reputational damage caused to Morrisons. Secondly, the Information Commissioners Office had originally found that no action was required under the Data Protection Act 1998 - the relevant legislation in force at the time of the offence: it took a class...
Read More

Bureaux – New and interesting conversations with your customers – CloudHub360 capabilities

As a bureau owner and document storage provider it's often a challenge to come up with a reason to contact your customers: they've been with you forever, and the 10,000 boxes you store on their behalf aren't going anywhere, are they?However, GDPR means that auditable record management is now no longer an option, but an imperative....While the trade-off between the cost of doing a good job in digitising the documents, and the perceived value of the information held has not previously stacked up, the GDPR means that there is not just a weak perceived benefit - Information accessibility -  but a stronger and more tangible risk: how can your corporate customer be sure, that when asked as a Subject Access Request for their Personally Identifiable Information (PII), that all the documents have been identified from those 10,000 boxes of records?What if you could introduce a service-based replacement for Manual QA that rapidly and reliably automates the process of classification and...
Read More

Your life in the ether…. Record Management Online

Memory is the treasury and guardian of all things. Marcus Tullius Cicero You may find some of the ideas suggested eight years ago interesting, and maybe still valid with the advent of GDPR. This was an idea for storing and managing all information - personal or corporate - in the cloud, using the very powerful HP RM (record manager) engine as a basis. The original is here  - apologies for the loss of images, which used to be in there. Your life in the ether.... Record Management Online November 03, 2009 HP Records – Record Management in the Cloud Record Management for the home, for small business, and the enterprise idea qualification Reach: How many people would this idea affect? - all those who, in their professional and personal lives, have a need for long term organisation, management, and eventual disposal of their critical personal or corporate information In other words, simply put - records. Depth: How deeply are people impacted? How...
Read More

“Zap My Data” …A $5000 dollar browser app that could break the internet?

A $5000 dollar browser app that could break the internet? What if, as part of the GDPR process currently generating so many dramatic headlines, someone developed a browser app that could automatically send a request for the return of all your personally identifiable information held by a site owner at the press of an orange button? Mock up showing request, delete buttons.. other websites are available! Behind the red button would be a request to be forgotten by the data owner and all associated information processors. I'll bet not many of these data aggregators would be geared up to handle that... Google are though... Embellishments could include a dashboard showing non-respondents in order of delinquency, with the option to alert the appropriate Data Protection Authority.  Robotic Process Automation (RPA) could be used to harvest the database of email contacts for each site, as well as storing the text content for the equiry/delete orders. Of course someone may have already developed this - if so, let...
Read More