BSIA research shows no room for complacency in schools’ disposal of confidential data
Tuesday, 19 June 2012 2:40 PM
New research carried out on behalf of the Information Destruction (ID) Section of the British Security Industry Association (BSIA) highlights the worrying approach that schools are taking to sensitive data disposal, exposing gaps in provision that could potentially leave educational establishments open to problematic data breaches and identity fraud.
There is certainly no room for complacency, as 79% of those surveyed said that the threat posed by lost or inadequately disposed of data had either increased or stayed the same over the past 12 months. In addition, 34% of school staff reported that they did not receive training or guidance regarding data protection issues.
The research surveyed the experiences of head teachers, deputy heads, teaching staff, bursars and administrators from nearly 100 schools across the UK, and revealed that their biggest concern was - perhaps not surprisingly - student records at 79%. Some way behind this was financial data at 11.5%, whilst staff details were selected by 5.2% of those who replied.
A concerning fact thrown up by the research is, crucially, that only 34% of schools confirmed that they were using a professional company to oversee the destruction of their confidential data, which means that 66% either were not or did not know. For those who were using a professional provider, just over half knew if this sensitive task was being undertaken by an operator that met the key European standard in this area - EN15713.
Looking at what material was most challenging for schools to dispose of, the survey results were nearly equally split between paper on 47% and data processing related media - CDs, DVDs and memory sticks - on 46%, showing that traditional materials like paper still account for a significant proportion of schools’ data disposal requirements.
The survey also aimed to identify where responsibility lay within schools for ensuring compliance with information destruction requirements such as the Data Protection Act. For this, head teachers held a substantial lead at 57%, more than everyone else combined. Bursars also were prominent, being highlighted as the key figure in 9.4% of cases.
Said Anthony Pearlgood, Chairman, BSIA ID Section: "The results of this survey serve to underline the fact that educational establishments need to place a renewed focus on how they deal with information destruction. Given the repercussions when things go wrong it is imperative that this process is handled in a professional manner and, where it is being outsourced, that searching questions are asked to ensure that any provider is actually working to the pivotal EN15713 standard.
"In addition to the findings from the school-focused survey, we also conducted parallel research to find out what members of the BSIA's ID Section where seeing on the ground in their dealings with a wide range of education providers in this security-critical area. The education sector is certainly a key market for our members with 87% confirming that they have supplied services to this area over the past year. Of these, 71% said they had seen their business increase or stay the same in this time. Where there was an increase, this was attributed by members to a greater awareness of the risk of data breaches.
"Our members also said that the key decision makers in schools on this issue were the head teacher and bursar, paralleling our separate school survey. With the sector survey we also wanted to find out how education customers had been handling information destruction prior to using a BSIA member. Interestingly our members reported that in their experience 43% of cases involved local authority or general waste for disposal - far from ideal - and, worryingly, only 14.3% of educational establishments were actually relying on a provider of a similar quality level to a BSIA member company. Again, these findings are in line with the school specific survey."
A video of Anthony Pearlgood talking about the research findings can be viewed on the BSIA's YouTube Channel http://youtu.be/zqoc0ACRydQ
For more information on secure data destruction and best practice please visit: http://www.bsia.co.uk/shredding
Editors Notes
The British Security Industry Association is the trade association covering all aspects of the professional security industry in the UK. Its members provide over 70% of UK security products and services and adhere to strict quality standards. For more information see www.bsia.co.uk, email info@bsia.co.uk or telephone 0845 389 3889.
The BSIA's Information Destruction (ID) Section consists of companies that securely destroy a range of confidential information, including paper, DVDs and computer hard-drives. The section members also destroy items that could potentially cause problems if they fall into the wrong hands, such as branded products and uniforms, and already have extensive experience supplying solutions to a wide range of customers. For more information, visit www.bsia.co.uk/information-destruction
Press contacts: Amanda Beesley on 0845 389 0755 / 07919 381485
Alessia Vinerba on 0845 389 0741 / 07802 787186
If you would like to interview BSIA ID Section Chairman, Anthony Pearlgood, or would like a more in-depth viewpoint or advisory article, please contact Tim Compston of Compston PR on 07910 514 943, compstonpr@gmail.com
-
Tags:
- data protection act ,
- fraud ,
- identity fraud ,
- privacy ,
- security
