Beruflich Dokumente
Kultur Dokumente
The Data Protection Act 1998. The Markets in impact of other sanctions the Information
Financial Instruments Directive. The Payment Commissioner’s Office (ICO) can take can far
Card Industry Data Security Standards. The outweigh this. For example, once a company
Copyright, Design and Patents Act 1988. The has broken the DPA, it can be forced to create a
Human Rights Act 1998. The Freedom of plan that details the steps it will take to ensure
Information Act 2000. The Financial Services such a breach does not happen again. If a
Authority. Sarbanes Oxley 404. company breaks the DPA twice, the ICO can
assign a government auditor who will investigate
Just a few of the UK’s, Europe’s and even US’ and create a legally binding plan the organisation
laws that have been passed that impact how you has to put in place within agreed timescales. But
have to deal with data. Sure, not all of these far worse than that can be the impact on brand
may apply to you – but the majority will, and when the news that customer records have gone
while looking through the mountain of various astray hits the news. Also, although the DPA can
documents that constitute these laws, it seem pretty toothless as a financial hit in itself,
becomes apparent that many of the needs of other professional bodies can take things further.
each law are not exactly compatible with the
needs of others. This was shown in a big way when the
Nationwide Building Society in the UK had a
And we also have to take in to account the fact laptop containing user details stolen from an
that it is not just laws like these that impact how employee’s home. This was a possible breach of
we deal with data. How about regulatory filings the DPA, but the Financial Services Authority
to HMRC or Companies House? How about the took over and fined Nationwide nearly £1m for
need for us to share information with our perceived lapses in data security.
suppliers and customers in a manner that meets
our own security concerns? How about industry However, copyright can be far worse. Although
standards such as ISO17799 and ISO9000, or the majority of organisations will realise that
more specialised standards such as ISO2000 illegally downloaded music and video files will
based on ITIL? How about the use of electronic breach copyright, few are aware of how much
data interchange (EDI), and the various file downloading takes place within the business
standards hidden under here, such as AS/2 or – generally to a local disk before being stored on
EDIFACT? the user’s device. Unfortunately, ignorance is
not bliss, and the organisation stands just as
Managing data is a perennial problem, but is much chance of being prosecuted for such
becoming more critical as data volumes grow, copyright breach as the individual does. With
and users become more proficient at blending courts around the world taking copyright
their work and leisure environments. With data breaches very seriously, it is a necessity to
growths being quoted as doubling anywhere understand the possible issues and potential
from weeks to months and still accelerating, how solutions to meet such problems.
we deal with data against the backdrop of such
legal and market regulation means that we have But the big problem for an organisation looking
to take a long, hard look at what we are doing. at how best to deal with data compliance issues
Lip service to the law is not recommended. is the choice of solutions. Sure, you can go to a
systems integrator and they will probably be able
Although the full force of the law is not generally to offer a project to address your DPA needs.
applied, the possible financial implications can be
hard. Take, for example, the UK’s Data Then, they’ll also be able to give you an ISO9000
Protection Act (DPA). Although the actual fine solution and perhaps strap on an ISO17799
for non-compliance is capped at £5,000, the package. But, unless each of these separate
Through researching perceptions, Quocirca uncovers the real hurdles to technology adoption – the personal and
political aspects of an organisation’s environment and the pressures of the need for demonstrable business value in
any implementation. This capability to uncover and report back on the end-user perceptions in the market enables
Quocirca to advise on the realities of technology adoption, not the promises.
Quocirca research is always pragmatic, business orientated and conducted in the context of the bigger picture. ITC
has the ability to transform businesses and the processes that drive them, but often fails to do so. Quocirca’s
mission is to help organisations improve their success rate in process enablement through better levels of
understanding and the adoption of the correct technologies at the correct time.
Quocirca has a pro-active primary research programme, regularly surveying users, purchasers and resellers of ITC
products and services on emerging, evolving and maturing technologies. Over time, Quocirca has built a picture of
long term investment trends, providing invaluable information for the whole of the ITC community.
Quocirca works with global and local providers of ITC products and services to help them deliver on the promise
that ITC holds for business. Quocirca’s clients include Oracle, Microsoft, IBM, O2, T-Mobile, HP, Xerox, EMC,
Symantec and Cisco, along with other large and medium sized vendors, service providers and more specialist
firms.