The Register® — Biting the hand that feeds IT

Feeds

BCS writes data Highway Code

Mirror, signal, burn to disc

By John Oates, 2nd June 2009
  • print
  • alert

Agentless Backup is Not a Myth

The British Computer Society has created a Personal Data Guardianship Code to help businesses and individuals deal responsibly and safely with private information.

The guidelines follow two years work during which there have been a series of major losses by government departments, private firms and even secret agents. Most of the losses have been caused by the failure of people to follow even the simplest data protection principles, yet they have in no way dented government enthusiasm for ever more databases and more data sharing.

The BCS lays out best practice for people dealing with data as well as explaining the responsibilities of holding such information.

The code includes reminders that people or organisations holding data should be accountable, be clear about what data they hold, get consent to collect that data and act as a responsible steward for that information. Organisations should have a written code of practice for data collection and privacy which is followed and monitored by the board of directors.

The code also explains the rights of individuals in respect to their data - what you have the right to see, to correct and how you can opt-out of some databases.

None of the advice is very revolutionary, but it is laid out in a clear and simple way. Maybe its even clear enough for senior civil servants and politicians to read.

The BCS got involved in lobbying against the Coroners and Justice Bill which aimed to ease data sharing between government departments.

You can download the complete code from here. ®

What you need to know about cloud backup

COMMENTS

House Rules Send Corrections
All Reader Comments (14)
Latest Comments
Fraser

@AC 14:18

By far the most OSes installed in business are by MS, can you now clarify why an industry body shouldn't have a pro-MS stand, or would you like them to be anti the company that supplies most of their members' work?

Having said that, without exception all of the people that I know who are in the BCS in one way or another are FOSSers/UNIXers/Mainfram-ers who happen to use MS software as well. You almost certainly wouldn't get very far in BCS if you maintain an anti-anything stance, let alone anti-MS, because it would show how out of touch you are with business needs.

Also why should a working scientist automatically get anything from BCs? The only thing you can automatically get is membership, anything else you have to prove that you are worthy of.

And, their web site does take electronic payments from the usual suspects.

0
0
Martin Nelson

@David England

I'm living in Merseyside at the moment and I can tell you that, working as a web desginer/developer (albeit freelance) and knowing several other developers, designers, coders, IT expert etc, etc, the BCS is still out of date and what's worse very few people in Merseyside actually recognise them. Add that to the fact that Merseyside is not exactly cutting edge all you have is a moot point. Sorry.

Have done some consultancy work a while back I drafted up a document that was just 5 pages of text. Most of that was bullet points and short paragraphs in plain english. Put simply I told them, to read the document or in leiu of the 'Don't be Stupid'. The fact is that a USB thumb disk/drive is easy to lose, add to that there is often a misconception that just because you can use Microsoft Office you are computer literate means that often those who are meant to implement security plans don't know how to. Hell even the ECDL doesn't go into preventative/security measures and that's a manditory requirement for many Gov depts.

The simplest thing is that there needs to be greater levels of education and CPD that instructs both business owners and employees in the basics. Virus scans, password protection of removeable media, correct deletion proceedures.....you know the simple, yet 'oft overlooked things!

IT because at one point it stood for INFORMATION TECHNOLOGY, now it's IDIOTIOTIC TRIUMPHS

0
0
teacake

Reading the advice...

"There should be an audit trail within the organisation showing who has actually accessed personal data. "

Who currently does this? It would result in a lot of data being generated, is this something that is regarded as good practice for all organisations or just those working with particularly sensitive data e.g. medical, financial?

0
0

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
116
breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
124
breaking news
Jailed LulzSec hacker Cleary coughs to child porn images, will be freed soon
Some images of infants as young as six months
68
NSA whistleblower to tech firms, Obama: 'Grow a pair!'
Ed Snowden: Email tracking grabs 'IPs, raw data, content, headers, attachments, everything'
66
breaking news
Ecuador: All right, Julian, you CAN stay on our sofa - it's your human right
Minister and Wikileaker share cosy chat in tiny London flat
65
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
41
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Not just telcos, THOUSANDS of companies share data with US spies
It's all perfectly legal, trust us
68