By Claire West
Organisations must ensure that employees taking confidential information out of the office does not result in a data breach.
As employees around the UK prepare for National Work from Home Day on Friday 24th September, leading information destruction company Shred-it warns that many businesses could be leaving themselves open to unnecessary risks if internal security measures fail to extend to staff working outside the office.
Latest figures from the Trades Union Congress (TUC) estimate that there are 3.5 million home workers throughout the UK. It is predicted that this number is set to rise significantly in support of the event.
Robert Guice, Executive Vice President of Shred-it, EMEA, commented: "National Work From Home Day offers employees the opportunity to experience the benefits that home working offers, including improved life balance and reduced stress.
"Organisations do however need to consider their policies and procedures relating to how confidential company and client information should be handled by staff working beyond the confines of the office.
"Despite efforts to promote the "paperless office" most employees still regularly print off documents containing confidential information, for example to sign them or proof read them. It is vital therefore that they understand the security processes that need to be followed when disposing of these documents both at home and in the office."
Organisations operating in all industry sectors have an obligation to protect the sensitive information their business generates or risk falling foul of data protection legislation. This includes a responsibility for the security of confidential data removed from the premises.
Those found to have committed a data breach now face the possibility of sizeable fines after the Information Commissioner's Office (ICO) was given, in April 2010, the power to levy fines of up to £500,000 for data breaches to deter organisations from taking risks with sensitive information. This is in addition to the reputational damage caused and associated loss of businesses if the breach were to become public knowledge.
Robert Guice continues: "Small firms must make employee education a top priority to reduce the risk of a data breach occurring. Invoices, company reports, payroll data and customer lists are all highly confidential and need to be destroyed or securely stored.
"Setting out clear guidelines for staff on what constitutes sensitive information and how it should be securely stored and destroyed both in and outside of the office will help to prevent any leaks occurring."