Managing Information Risk - do you know who’s doing what with your information?
In July 2009, banking giant HSBC was fined £3.2 million by the Financial Services Authority for failing to secure its systems and to prevent the loss of sensitive customer information.
HSBC ‘s Actuaries business unit had lost an unencrypted disk containing the details of some 2,000 pension scheme members, and HSBC Life UK lost an unencrypted CD containing the details of 180,000 policy holders.
And if your first thoughts on this were ‘lets keep it in paper, at least it’s safer’, the financial watchdog also alleged that at HSBC sensitive information was left on shelves and in unlocked filing cabinets, and that bank staff “were not sufficiently trained to recognise risks”.
So how do you manage the control and the risk related to the ever increasing amount of information available?
Staff training is a key element, but in larger organisations, with a turnover of staff, this alone will not do.
IPC have been advising organisations on information management for the last 15 years, and supplying mstore EDM solutions with the risk elements very much in mind. With mstore there is the ability to track all activities, across all document types, and it has a series of Compliance modules built in, that include:
Document and Event History: Monitors all action taken on individual documents by user, by date, time. Overview can alert to unusual activity for administrators.
Security Module: Allows set up of available actions and functionality, by user, by document type.
File Integrity Checking – select documents to check there have been no alterations to originally stored documents.
Add to this multi level password controls, and encryption, Electronic Document Management from IPC can be made as secure as the most rigorous standards required.
To learn more and to get details on IPC’s Information Management Consultancy please call The IPC Group on 08081 45 46 47.