information security
The latest (free) edition of Information Age www.information-age.com includes an advert for a forthcoming conference on information security www.infosec.com. There are a few major companies providing case study presentations, and lots of suppliers that I have never heard of. I suspect that some of these suppliers will become better known. While there are no charities listed under the case studies, there is one NHS Hospital, and a Borough Council.
An article in the magazine refers to a recent report from the Information Commissioner’s Office on the privacy of data. www.ico.gov.uk. The report explains how to put a value on personal information. If you can show the value of the information, that can help to develop a business case for investing in protecting that personal information. The report suggests that the average cost to the victim of any data loss is approximately £450 to £1,050. For organisations, there is also the possible cost of “brand damage” and subsequent loss of income.
You can download the PDF file of the report. Check out the business case for protecting personal information. There are calculation sheets for working out the value of personal information (to the individual, the organisation, other parties, and society as a whole), and “privacy failure costs”. The report includes a section on “personal information value as an asset to a charity”. In the example shown, the cost of re-acquiring lost data is estimated to be around £450,000.
How much is your data worth?
While the Charity Commission and the Office of the Scottish Charity Registrar are listed in the “non-exhaustive list of common UK regulators, trade organisations and associations that compel or recommend compliance with the Data Protection Act 1998”, there is no mention of the Institute of Fundraising.
Finbar Cullen
ResearchPlus
Advertisement