The protection of data as it rests, transacts or journeys through computer systems is seen as a major component of good corporate hygiene. As well as protecting organisations from reputational risk and damaging losses, failure to protect this data can now result in both corporate and personal criminal prosecutions.
The growth of compliance requirements over the past few years has sometimes been seen as a US-based phenomenon as regulations are implemented to address various corporate failures and scandals over the past decade or so. In fact, compliance, rules and regulations to protect data stored by EU based organisations can be just as onerous as those originating from the US.
This paper highlights key directives and legislation as it affects the member states of the EU.
Data loss prevention technologies, especially data encryption, are becoming increasingly important as organisations face up to the consequences of unintended data loss. A data loss incident is no longer seen as an unfortunate accident; now it will be accompanied by significant reputational risk and the possibility of legal action against the organisation or, even, executives personally.
Clearly and quite rightly data loss is now a legal issue and IT professionals need to be aware of their responsibilities.