This week we're looking at:
How to reduce the likelihood of data breaches and security incidents
In many cases, data breaches can be avoided if we take the time to double-check we have the correct information.
Fortunately, teams are usually very quick to respond and take the necessary action to resolve a security incident, however, a breach of personal data can often be very distressing to service users, and in some cases, damage their trust in the council.
In more severe cases, breaches of personal data can pose considerable risks of physical or emotional harm.
It's vital we take the time to pause and check that we have the right information before we send.
Key questions to ask yourself:
- is the recipient's address up to date?
- are all attachments and content meant for the recipient?
- is there any personal information about others in the email trail?
- if using a template form, is it blank?
- do any documents need redacting before sending?
- have you enabled delivery and read receipts for external emails, so that we know if sensitive information has been read?
- do you need to blind copy the recipients (bcc)?
- do you need to reply to one person or reply to all?
If you discover a breach:
- inform your line manager right away and report the mistake as a security incident on Halo
- try to retrieve the wrongly sent correspondence or ask for it to be deleted
- advise the incorrect recipient to keep the information confidential
- address any safeguarding concerns
- apologise to the affected person if necessary
- investigate why the mistake happened and how to prevent it in the future
- respond to any complaints about the mistake
- notify the relevant head of service
Find out more about the different area of data security.