SlideShare a Scribd company logo

Zurich Insurance Plc - Data Loss

Stuart Macdonald
Stuart Macdonald

Information Commissioner's Office Press Release = Zurich Insurance agrees to improve information security after losing over 46,000 individuals’ personal financial information

Technology
1 of 3
Download to read offline
Press Release For immediate release 24 March 2010 Zurich Insurance agrees to improve information security after losing over 46,000 individuals’ personal financial information The Information Commissioner’s Office (ICO) has found Zurich Insurance plc in breach of the Data Protection Act after it lost an unencrypted back- up tape containing financial personal information belonging to 46,000 policy holders of Zurich Private Client, Zurich Special Risk and Zurich Business Client, which are all part of Zurich Insurance plc. The back-up tape, which also included personal details of 1,800 third parties, was lost by a sister company, Zurich Insurance Company South Africa, during a routine transfer to a data storage centre in South Africa. The data loss occurred on 11 August 2008 although the sister company did not inform Zurich Insurance plc until over a year later. Subsequent internal investigations revealed failings in the management of security procedures involving data tapes in South Africa. UK Branch Manager of Zurich Insurance plc, Stephen Lewis, has now signed an Undertaking to ensure that where any future movement of back-up tapes is required appropriate data security procedures including the use of encryption where appropriate, are in place. Zurich Insurance plc has committed to put in place controls to monitor and promptly report potential or actual data loss activity. The Undertaking also requires that steps are taken to ensure staff and external contractors are made fully
aware of security procedures and adequate checks are carried out on contractors’ staff. Sally-anne Poole, Head of Enforcement & Investigations at the ICO, said: “It is vital that organisations ensure effective safeguards are in place to protect personal information. Failure to adequately protect personal details could lead to information falling into the wrong hands and ultimately the loss of customers’ trust and confidence. I encourage all organisations to report any serious data security breaches to us so that the nature of the breach or loss can be considered. I am pleased to see that Zurich Insurance plc has taken remedial steps to ensure individuals’ personal details are protected in future.” A full copy of the Undertaking can be viewed here: http://www.ico.gov.uk/what_we_cover/data_protection/enforcement.aspx ENDS If you need more information, please contact the ICO press office on 020 7025 7580 or visit the website at: www.ico.gov.uk Notes to Editors 1. The data controller shall, as from the date of this Undertaking and for so long as similar standards are required by the Act or other successor legislation, ensure that personal data are processed in accordance with the Seventh Data Protection Principle in Part 1 of schedule 1 to the Act, and in particular that: • where any future movement of back up tapes is required ensure that appropriate data security procedures, including the use of encryption where appropriate, are in place; • steps are taken to ensure staff and external contractors are made fully aware of such security procedures and adhere to them; • adequate checks are carried out on contractors’ staff; • and effective controls are put in place to monitor and promptly report potential or actual data loss activity.
2. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals. 3. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003 4. Organisations can now sign the Personal Information Promise to demonstrate their commitment to protecting people’s personal information by visiting the website at www.ico.gov.uk 5. For more information about the Information Commissioner’s Office subscribe to our e-newsletter at www.ico.gov.uk. Alternatively, you can find us on Twitter at www.twitter.com/ICOnews 6. Anyone who processes personal information must comply with eight principles, which make sure that personal information is: • Fairly and lawfully processed • Processed for limited purposes • Adequate, relevant and not excessive • Accurate and up to date • Not kept for longer than is necessary • Processed in line with your rights • Secure • Not transferred to other countries without adequate protection

Recommended

Royal London - data loss
Royal London - data lossRoyal London - data loss
Royal London - data lossStuart Macdonald
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Workplace Privacy (excerpt)
Workplace Privacy (excerpt)Workplace Privacy (excerpt)
Workplace Privacy (excerpt)Andrea Maggipinto [+1k]
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Box 9
Box 9Box 9
Box 9OmPrakash63906
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong若水 鲁
 
3e - Data Protection
3e - Data Protection3e - Data Protection
3e - Data ProtectionMISY
 
Israel Privacy Protection Regulations - Duty To Report A Severe Security Event
Israel Privacy Protection Regulations - Duty To Report A Severe Security EventIsrael Privacy Protection Regulations - Duty To Report A Severe Security Event
Israel Privacy Protection Regulations - Duty To Report A Severe Security EventBarry Schuman
 

Recommended

Royal London - data loss
Royal London - data lossRoyal London - data loss
Royal London - data lossStuart Macdonald
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Workplace Privacy (excerpt)
Workplace Privacy (excerpt)Workplace Privacy (excerpt)
Workplace Privacy (excerpt)Andrea Maggipinto [+1k]
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Box 9
Box 9Box 9
Box 9OmPrakash63906
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong若水 鲁
 
3e - Data Protection
3e - Data Protection3e - Data Protection
3e - Data ProtectionMISY
 
Israel Privacy Protection Regulations - Duty To Report A Severe Security Event
Israel Privacy Protection Regulations - Duty To Report A Severe Security EventIsrael Privacy Protection Regulations - Duty To Report A Severe Security Event
Israel Privacy Protection Regulations - Duty To Report A Severe Security EventBarry Schuman
 
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...Sanjeev Bharwan
 
Intercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitIntercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitjoshquarrie
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)Extentia Information Technology
 
Data protection act
Data protection actData protection act
Data protection actRev Marketing
 
Are you GDPR ready?
Are you GDPR ready?Are you GDPR ready?
Are you GDPR ready?INSZoom
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality454rss45
 
M.Marusic Dzlp E Society En
M.Marusic Dzlp E Society EnM.Marusic Dzlp E Society En
M.Marusic Dzlp E Society EnMetamorphosis
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...IT Governance Ltd
 
Preparing for EU GDPR
Preparing for EU GDPRPreparing for EU GDPR
Preparing for EU GDPRIT Governance Ltd
 
GDPR for dummies
GDPR for dummies GDPR for dummies
GDPR for dummies Benoît De Nayer
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentialityJake Facer
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulationGreg Ezeilo
 
Data Protection Factsheet
Data Protection FactsheetData Protection Factsheet
Data Protection Factsheet- Mark - Fullbright
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31mbarreto13
 
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Jason Haislmaier
 
UPMC Identity Data Breach
UPMC Identity Data BreachUPMC Identity Data Breach
UPMC Identity Data Breach Managed Outsource Solutions
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 
Zurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossZurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossStuart Macdonald
 
The Trouble With It
The Trouble With ItThe Trouble With It
The Trouble With ItStuart Macdonald
 
Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09Steve Morse, Ph.D.
 
aura_profile-corp
aura_profile-corpaura_profile-corp
aura_profile-corpBhagavan Prasad
 

More Related Content

What's hot

HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...Sanjeev Bharwan
 
Intercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitIntercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitjoshquarrie
 
Are you GDPR ready?
Are you GDPR ready?Are you GDPR ready?
Are you GDPR ready?INSZoom
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality454rss45
 
M.Marusic Dzlp E Society En
M.Marusic Dzlp E Society EnM.Marusic Dzlp E Society En
M.Marusic Dzlp E Society EnMetamorphosis
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...IT Governance Ltd
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentialityJake Facer
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulationGreg Ezeilo
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31mbarreto13
 
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Jason Haislmaier
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 

What's hot (18)

HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
 
Intercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitIntercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkit
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Data protection act
Data protection actData protection act
Data protection act
 
Are you GDPR ready?
Are you GDPR ready?Are you GDPR ready?
Are you GDPR ready?
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
 
M.Marusic Dzlp E Society En
M.Marusic Dzlp E Society EnM.Marusic Dzlp E Society En
M.Marusic Dzlp E Society En
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360
 
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
 
Preparing for EU GDPR
Preparing for EU GDPRPreparing for EU GDPR
Preparing for EU GDPR
 
GDPR for dummies
GDPR for dummies GDPR for dummies
GDPR for dummies
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulation
 
Data Protection Factsheet
Data Protection FactsheetData Protection Factsheet
Data Protection Factsheet
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31
 
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)
 
UPMC Identity Data Breach
UPMC Identity Data BreachUPMC Identity Data Breach
UPMC Identity Data Breach
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 

Viewers also liked

Zurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossZurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossStuart Macdonald
 
Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09Steve Morse, Ph.D.
 
Strategic Buying Group - UK largest private buying consortium
Strategic Buying Group - UK largest private buying consortiumStrategic Buying Group - UK largest private buying consortium
Strategic Buying Group - UK largest private buying consortiumStrategic Vision Limited
 
Medieval Literature
Medieval LiteratureMedieval Literature
Medieval Literaturezanenglish
 
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012NFEAS JOURNAL, Volume 29, Number 1, 2011-2012
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012William Kritsonis
 
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...William Kritsonis
 
Dr. Karen Osterholm, www.nationalforum.com
Dr. Karen Osterholm, www.nationalforum.comDr. Karen Osterholm, www.nationalforum.com
Dr. Karen Osterholm, www.nationalforum.comWilliam Kritsonis
 
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...William Kritsonis
 
PlanificacióN De Unidad Parvularia
PlanificacióN De Unidad ParvulariaPlanificacióN De Unidad Parvularia
PlanificacióN De Unidad Parvulariajoseadalberto
 
Dr. S. Marie McCarther, University of Missouri - Kansas City
Dr. S. Marie McCarther, University of Missouri - Kansas CityDr. S. Marie McCarther, University of Missouri - Kansas City
Dr. S. Marie McCarther, University of Missouri - Kansas CityWilliam Kritsonis
 
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010Lunenburg, fred c[1]. special education services nfsej v21 n1 2010
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010William Kritsonis
 
Christel Williams - Our iceberg is melting summary
Christel Williams - Our iceberg is melting summaryChristel Williams - Our iceberg is melting summary
Christel Williams - Our iceberg is melting summaryWilliam Kritsonis
 
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation Chair
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation ChairRhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation Chair
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation ChairWilliam Kritsonis
 

Viewers also liked (20)

Zurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossZurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data Loss
 
The Trouble With It
The Trouble With ItThe Trouble With It
The Trouble With It
 
Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09Morse Econ Tourism Transylvania Brevard 10 15 09
Morse Econ Tourism Transylvania Brevard 10 15 09
 
aura_profile-corp
aura_profile-corpaura_profile-corp
aura_profile-corp
 
Sullivan Co Off03 2 27 09
Sullivan Co Off03 2 27 09Sullivan Co Off03 2 27 09
Sullivan Co Off03 2 27 09
 
Romanticism
RomanticismRomanticism
Romanticism
 
Strategic Buying Group - UK largest private buying consortium
Strategic Buying Group - UK largest private buying consortiumStrategic Buying Group - UK largest private buying consortium
Strategic Buying Group - UK largest private buying consortium
 
Medieval Literature
Medieval LiteratureMedieval Literature
Medieval Literature
 
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012NFEAS JOURNAL, Volume 29, Number 1, 2011-2012
NFEAS JOURNAL, Volume 29, Number 1, 2011-2012
 
27.1 Energizer 1
27.1 Energizer 127.1 Energizer 1
27.1 Energizer 1
 
Create a new life at every moment - Leyla Tavernaro Haidarian
Create a new life at every moment - Leyla Tavernaro HaidarianCreate a new life at every moment - Leyla Tavernaro Haidarian
Create a new life at every moment - Leyla Tavernaro Haidarian
 
Mary ann springs 13 virtues
Mary ann springs 13 virtuesMary ann springs 13 virtues
Mary ann springs 13 virtues
 
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...
University of Ljubljana, Faculty of Arts - Article by William Allan Kritsonis...
 
Dr. Karen Osterholm, www.nationalforum.com
Dr. Karen Osterholm, www.nationalforum.comDr. Karen Osterholm, www.nationalforum.com
Dr. Karen Osterholm, www.nationalforum.com
 
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...
James Shippy - BOOK, Iceberg melting summary, Submitted to William Allan Kri...
 
PlanificacióN De Unidad Parvularia
PlanificacióN De Unidad ParvulariaPlanificacióN De Unidad Parvularia
PlanificacióN De Unidad Parvularia
 
Dr. S. Marie McCarther, University of Missouri - Kansas City
Dr. S. Marie McCarther, University of Missouri - Kansas CityDr. S. Marie McCarther, University of Missouri - Kansas City
Dr. S. Marie McCarther, University of Missouri - Kansas City
 
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010Lunenburg, fred c[1]. special education services nfsej v21 n1 2010
Lunenburg, fred c[1]. special education services nfsej v21 n1 2010
 
Christel Williams - Our iceberg is melting summary
Christel Williams - Our iceberg is melting summaryChristel Williams - Our iceberg is melting summary
Christel Williams - Our iceberg is melting summary
 
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation Chair
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation ChairRhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation Chair
Rhodena Townsell, Dissertation, Dr. William Allan Kritsonis, Dissertation Chair
 

Similar to Zurich Insurance Plc - Data Loss

Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? N-iX
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislationUlf Mattsson
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...Ulf Mattsson
 
Pubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkPubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkMatt Siltala
 
Privacy by design for startups: legal and technology
Privacy by design for startups: legal and technologyPrivacy by design for startups: legal and technology
Privacy by design for startups: legal and technologyIshay Tentser
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetupIshay Tentser
 
Spice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateSpice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateMathew Chacko
 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Agustin Argelich Casals
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standardsautomatskicorporation
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Aaron Banham
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 

Similar to Zurich Insurance Plc - Data Loss (20)

Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing?
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
GPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-RightGPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-Right
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...
 
Pubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkPubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David Mink
 
Privacy by design for startups: legal and technology
Privacy by design for startups: legal and technologyPrivacy by design for startups: legal and technology
Privacy by design for startups: legal and technology
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetup
 
Spice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateSpice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy Update
 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16
 
GDPR Part 1: Quick Facts
GDPR Part 1: Quick FactsGDPR Part 1: Quick Facts
GDPR Part 1: Quick Facts
 
How can you improve cybersecurity at your law firm?
How can you improve cybersecurity at your law firm?How can you improve cybersecurity at your law firm?
How can you improve cybersecurity at your law firm?
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standards
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...
 
GDPR: how IT works
GDPR: how IT worksGDPR: how IT works
GDPR: how IT works
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
 
ClientAdvisoryNote - Obama's Privacy Action Plan
ClientAdvisoryNote - Obama's Privacy Action PlanClientAdvisoryNote - Obama's Privacy Action Plan
ClientAdvisoryNote - Obama's Privacy Action Plan
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 

Recently uploaded

Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 

Recently uploaded (20)

Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

Zurich Insurance Plc - Data Loss

  • 1. Press Release For immediate release 24 March 2010 Zurich Insurance agrees to improve information security after losing over 46,000 individuals’ personal financial information The Information Commissioner’s Office (ICO) has found Zurich Insurance plc in breach of the Data Protection Act after it lost an unencrypted back- up tape containing financial personal information belonging to 46,000 policy holders of Zurich Private Client, Zurich Special Risk and Zurich Business Client, which are all part of Zurich Insurance plc. The back-up tape, which also included personal details of 1,800 third parties, was lost by a sister company, Zurich Insurance Company South Africa, during a routine transfer to a data storage centre in South Africa. The data loss occurred on 11 August 2008 although the sister company did not inform Zurich Insurance plc until over a year later. Subsequent internal investigations revealed failings in the management of security procedures involving data tapes in South Africa. UK Branch Manager of Zurich Insurance plc, Stephen Lewis, has now signed an Undertaking to ensure that where any future movement of back-up tapes is required appropriate data security procedures including the use of encryption where appropriate, are in place. Zurich Insurance plc has committed to put in place controls to monitor and promptly report potential or actual data loss activity. The Undertaking also requires that steps are taken to ensure staff and external contractors are made fully
  • 2. aware of security procedures and adequate checks are carried out on contractors’ staff. Sally-anne Poole, Head of Enforcement & Investigations at the ICO, said: “It is vital that organisations ensure effective safeguards are in place to protect personal information. Failure to adequately protect personal details could lead to information falling into the wrong hands and ultimately the loss of customers’ trust and confidence. I encourage all organisations to report any serious data security breaches to us so that the nature of the breach or loss can be considered. I am pleased to see that Zurich Insurance plc has taken remedial steps to ensure individuals’ personal details are protected in future.” A full copy of the Undertaking can be viewed here: http://www.ico.gov.uk/what_we_cover/data_protection/enforcement.aspx ENDS If you need more information, please contact the ICO press office on 020 7025 7580 or visit the website at: www.ico.gov.uk Notes to Editors 1. The data controller shall, as from the date of this Undertaking and for so long as similar standards are required by the Act or other successor legislation, ensure that personal data are processed in accordance with the Seventh Data Protection Principle in Part 1 of schedule 1 to the Act, and in particular that: • where any future movement of back up tapes is required ensure that appropriate data security procedures, including the use of encryption where appropriate, are in place; • steps are taken to ensure staff and external contractors are made fully aware of such security procedures and adhere to them; • adequate checks are carried out on contractors’ staff; • and effective controls are put in place to monitor and promptly report potential or actual data loss activity.
  • 3. 2. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals. 3. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003 4. Organisations can now sign the Personal Information Promise to demonstrate their commitment to protecting people’s personal information by visiting the website at www.ico.gov.uk 5. For more information about the Information Commissioner’s Office subscribe to our e-newsletter at www.ico.gov.uk. Alternatively, you can find us on Twitter at www.twitter.com/ICOnews 6. Anyone who processes personal information must comply with eight principles, which make sure that personal information is: • Fairly and lawfully processed • Processed for limited purposes • Adequate, relevant and not excessive • Accurate and up to date • Not kept for longer than is necessary • Processed in line with your rights • Secure • Not transferred to other countries without adequate protection