The 7C Alliance recently hosted a presentation on Information Security and the Data Protection Act, which was given by Mike Barwise, a member of the 7C Alliance. This presentation clearly covered the finer points of the recently released British Standard, BS 10012:2009 Data protection – specification for a personal information management system. Content-wise, this could have been a very academic presentation, but Mike struck a nice balance between the information presented and its real-world application. He also managed to keep the potentially dry material upbeat and interesting with his personal insights and a dose of good humour.

As Mike clearly put it “The many thousands of smaller businesses that generate the bulk of the UK’s commercial income are faced with a hard task in complying with an increasing burden of regulatory obligations, one of the major components of which relates to information management. The least understood obligations are those relating to the conduct of business over the web and to the management of customers’ and employees’ personal data. The Tangled Web presentation provided a brief overview of the nature of these obligations and suggested an approach to their management, from the position that robust measures distributed among and integrated into established business processes are simpler, more cost effective and safer for the business and its customers than an independent ‘stuck on’ mechanism for formal ‘compliance’.”

Mike delved into such specifics as:

- General disclosure rules such as how important it was to disclose your business name and other particulars on all documents and correspondence

- Some of the considerations that need to be given by businesses who collect client personal data along with the 8 guiding principles for collecting such personal information

- Cloud computing and some of the legal and security issues that businesses can face with putting personal data ‘in the cloud’

- Some of the legal obligations in complying with the various Acts related to Information Security and Data Protection in doing business over the Web.

By tying his talk to BS 10012:2009, Mike provided a clear reference point for the standards that should be adhered to. A number of attendees commented that it wasn’t just about compliance but was in fact good business practice and that, in many cases, adhering to these standards would improve the marketing of their business and provide clarity to potential customers.

By keeping the presentation firmly in the realm of business, Mike prevented some of the technical aspects from becoming overwhelming and made the entire presentation easily digestible.

Comments received from attendees included:

“Necessary stuff for the savvy contractor to be aware of and if I had the opportunity to hear Mike speak again, I would definitely do so.” Stuart Brown

“Michael’s integrated approach to information security – by making sure it meshes in with the business processes and is not just done as an afterthought – has proven itself to be excellent for helping me with not only improving the information security and data protection that I provide to 7C Alliance members (i.e. not just simply focus on complying with the letter of the legislation), but has also had the unexpected benefit of helping me improve how I market 7C Alliance’s services to members as well as better manage relationships with them.” Matt Miller

“A good public speaker who made his talk funny, interesting, relevant and easy to listen to.” Graham Bishop

“The benefits I got from the talk on Information security were twofold. Most importantly, as a web developer in training, I believe it is important to be able to consult with the client with the content that should be made available on the website, as well as the smaller technical issues such as ‘readable’ font size. Knowing the security requirements and regulations adds value to the service that I can provide to prospective clients and that gives me a competitive advantage. Who would have thought that using the ‘Cloud’ services for data storage and other regular office activities could potentially get you into some serious legal trouble!” Adele Coetzee

All in all, a very enlightening presentation and one which gave much food for thought on the topic of Information Security and the Data Protection Act.

The 7C Alliance is happy to run another seminar where the costs of Mike’s time are shared by the attendees. If interested, please visit the 7C Alliance Contact Us webpage, select the General Enquiry option and indicate that you are interested in attending a Tangled Web Talk.

Alternatively, at an affordable daily rate of £500, Mike is available to look at a business’ online presence and analyse how to integrate information security and data protection aspects into that business. He will also provide a detailed report specific to that business. Mike can be contacted via LinkedIn or through his company, Integrated Infosec.

A big thank you to Mike for presenting this talk and to Matt Miller for organising the event and venue (the rather brilliant Tabernacle). Finally, thank you to James Brenan from Cubism Law for supplying the IT security contact – we will look at covering the legal aspects of IT security in more detail with future talks.

Written by Stuart Brown, on behalf of the 7C Alliance.
