Rise of data security concerns

The recent prosecution of a motor trade employee who stole data from his employer underlines the fact that data security is a growing concern for all businesses.

But although individuals can be prosecuted for deliberately stealing customers' data, repairers shouldn't be fooled into thinking their business will be absolved of any responsibility in such circumstances.

If the ICO determine processes and procedures were not put in place to reduce the risk of data breaches and actions of rogue employees, businesses could still face a hefty fine under GDPR.

Stolen customer data can lead to nuisance sales calls at one end of the scale, all the way to identity fraud and compromised bank accounts at the other, so the fall out can be significant, damaging trust and brand reputation. So what can garages do to avoid the risks of a data breach?

Mark Kelland, commercial manager of Dragon2000, explained, 'It's important to ensure that all staff and subsequent new employees are educated on the seriousness of data protection. Garages should explain their business policies and procedures, which many will have defined in complying with GDPR, which they must adhere to.

'Employment contracts should also be updated to ensure they make clear what is expected of employees regarding data protection. Their agreement to it will make taking action easier, should they breach the rules, and it also shows that measures have been put in place to help to prevent misuse of customer data. It is worth reminding employees that they can be prosecuted as an individual if they deliberately obtain personal data without permission and face fines, or even a prison term.

'Garages can reduce the risk of data theft by making sure all employees have their own individual logins for any of systems containing personal customer data. Change passwords immediately if it is suspected they have been compromised and only give personalised employee login permissions for system areas and data that is required for them to perform their role. Staff also need to be warned not to share login credentials with their colleagues – this will avoid accountability issues and potential misuse.

'Finally, revoke system logins for ex-employees upon them leaving and do not leave them live for someone else to use. If garages follow these simple procedures, they will significantly reduce the risk of data theft and avert the commercial and financial impact of a breach.'

04 April 2024

The Assessors Journal announced..

31 March 2024

Criminal Enforcement Competition and Consumer Protection Commission.- event Ireland

29 January 2024

North West Region CPD event

25 October 2023

IAEA London region Lecture November 2023

25 October 2023

ITAS Future vision with the IAEA

02 October 2023

Revenue publishes a tender for vehicle valuation services

01 September 2023

Essential alternative fuelled vehicles risk course for assessors

30 August 2023

ULEZ forcing drivers to replace cars

21 August 2023

Demand is growing for automotive repair apprentices

21 August 2023

Kia to launch EV9 electric SUV

Members Area

Log in using your IAEA account where you will be able to read IAEA updates, update your personal and business details and much, much more.

The Assessor

Look out for our new revised magazine in the first quarter of 2024 - reach out to our editor if you have any content to share.

Read online here

Get in Touch

For more details or if you have an enquiry, please get in touch by calling 01296 642895. Or if you prefer to use our contact page to email us.

The Institute is a Professional Affiliate of the Engineering Council, has Learned Society status and is a registered Charity (No 273452).

Privacy Policy | Terms & Conditions | Articles of Association | Site Map | Admin |

Site Design, Build and System developed by Pure

We have placed cookies on your device to give you the best possible experience. By continuing to browse our site, you agree to our use of cookies. To find out more, please refer to our Privacy Policy. Accept Reject

News Update