For free advice call us now

07929 506 143

echrltd@aol.co.uk

New ICO Guidance

by | Feb 5, 2019

The Information Commissioner’s Office (ICO) has published new guidance on passwords in online services and encryption under the General Data Protection Regulation (GDPR).
The main points:
  • Organisations should have an encryption policy and train staff in the use of encryption;
  • Encryption should be used for storing and transmitting data; solutions should meet current standards and be kept under review;
  • Organisations should nevertheless be aware of the residual risks that remain even with encryption in place and take steps to address these;
  • Organisations must not forget about their password system once established, they should carry out periodic reviews;
  • There may be better alternatives than using passwords; and
  • When designing systems and services, organisations must have regard to a data protection by design approach and this includes for password systems.
It also includes information on:
  • How to store passwords;
  • How to enter passwords;
  • General requirements for passwords (i.e. length and use of special characters);
  • Changing passwords;
  • The role of the National Cyber Security Centre and
  • GetSafeOnline.
The ICO confirms in the guidance that where unencrypted data is lost or destroyed, it is possible that it will pursue regulatory action.

For further information please visit the ICO website: https://ico.org.uk
 

Back to News

Sexual Harassment in the Workplace:

What Employers Need to Know About the New Legal Duty from October 2024 From October 2024, employers across the UK were subject to a new legal duty to actively prevent sexual harassment in the workplace. This marks a significant shift from previous legislation, where...

It’s February and love is in the air!

The longest month of the year is over and hopefully we can look forward to some better weather and some lighter nights. It's February and love is in the air! Let's talk about personal relationships at work and how they could be an issue for you the employer: Workplace...