Customers’ data found not to be safe and secure

Safe & Secure has agreed to improve the way it deletes client information from its hard drives after the Information Commissioner’s Office found an old hard drive still contained customers’ personal information.

The protection provider says it was unaware the information was still on the drive after donating computers to local schools and charities.

In December 2010, the ICO asked a computer forensics company, NCC Group, to analyse around 200 hard drives, 20 memory sticks and 10 mobile phones bought from internet auction sites such as ebay and computer trade fairs.

Some of the hard drives contained scanned bank statements, passports, information on previous driving offences and some medical details.
A spokesman for Safe & Secure says: “Our data controller co-operated fully with the ICO and agreed to undertake some improvements, which included forensically wiping hard drives before disposal.

“It was not considered appropriate or necessary by the ICO to take any formal action against Safe & Secure.”

He adds: “I urge all individuals and companies using computers to familiarise themselves with data protection requirements, ensure hard drives or media devices are destroyed and keep a record of how hard drives are decommissioned.”