The Impact of Human Error on Data Security Breaches

Let’s look at a few examples

• A marketing agency sends an Excel file, not password protected, to a competitor of the client they meant to send it to. In this case the agency’s data protection procedures haven’t been good enough but human error has played a key part. The agency’s reputation will undoubtedly suffer.
• After another round of M&As in the IT industry, an acquiring organisation merges in data from a new UK subsidiary. In doing so they make assumptions about what ‘consent’ means and succumb to data licensing restrictions. They receive a fine.
• A company gives its account managers access to all client data and ‘ownership’ of specific accounts. They mistakenly see the data as theirs and move jobs taking it with them and market to those accounts. A contact complains which leads to an investigation, potentially leading to fines.
• A company doesn’t remove records properly that they were supposed to delete. People leave, new people make assumptions, and deleted data comes back to life which isn’t compliant.
• A client gives their marketing agency a suppression file but in error the agency uses the data to send out a marketing email for a competing client. The agency loses both clients.

These aren’t theoretical, they happen, and they all come down to human error or poor intentions. They all cost the associated businesses money, either directly through fines and losing clients, or indirectly through damage to their reputation and time costs.

Are new processes the answer?

It’s usually the responsibility of an IT department to implement the relevant software, firewalls, policies, and physical security etc. but what about monitoring the human element?

Getting processes and procedures right could fix a lot of issues, but everyone must then follow these processes for them to be effective. They also need to be relevant, accessible, properly maintained and well communicated to all.

The problem here is there’s a lot that you have to do right to prevent things going seriously wrong, and there’s a lot of links in the chain of communication that could easily come unstuck.

Using tools to prevent data breaches

The best processes in technology involve limiting human involvement. That’s why modern aircraft rely so much on automation – it’s safer.

Now there’s some new software available in the data industry that can prevent all the problems we outlined earlier, and more, by removing human involvement and therefore eradicating the potential for human error.

Introducing ClearCrypt

ClearCrypt enables organisations to exchange personal data quickly and securely in a fully compliant manner without you needing to ‘send’ data direct.

You can use ClearCrypt to:

·        Compare: encrypted comparison of data between two organisations in a secure environment, maintaining compliance with data protection regulations and privacy and security policies

·        Exclude: find out what data your customer already has and exclude it without the need for time-consuming paperwork and the setup of data processing agreements

·        Suppress: securely provide your data suppression list to a third party with the knowledge and assurance that they can only view data already in their possession

·        Target: quickly discover the overlap in data between you and your partner/channel network with complete confidentiality

Data providers and brokers, marketing agencies and technology companies all use ClearCrypt to compare two sets of data to see which contacts they have in common. You can do the same using ClearCrypt to prevent human error and associated data breaches.

Find out more about how ClearCrypt could help you today, here.