Working from Home – Data Protection and Security

The Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) have recently updated their guidance on data protection and cyber security. With many of us now working from home we thought this would be a useful reminder of what to consider.

The ICO recognises the unprecedented challenges we are all facing during the Coronavirus (COVID-19) pandemic.

They know firms might need to share information quickly or adapt the way they work. Data protection need not stop firms doing that. It’s about being proportionate and making reasonable judgements. Think about how you, as a member of the public, would feel about any judgements made. If something feels excessive from the public’s point of view, then it probably is.

The ICO has provided some revised guidance and answers to the questions they’re being asked at this time.

The National Cyber Security Centre has also issued some guidance – ‘Home working: preparing your organisation and staff’.

This guidance is intended to helps firms ensure their organisation is prepared for any increase in home working, and advice on spotting coronavirus (COVID-19) scam emails.

Finally, we would suggest that you refer to ATEB’s previous article on Cyber Resilience.

Important Note: ATEB news is intended to provide general information ONLY. The content, including any views expressed or guidance provided, does not replace the need to comply fully with FCA Rules and Guidance. Unless you have discussed news article content with ATEB, and specifically how it relates to your circumstances, then ATEB disclaims all liability and responsibility and actions arising from any reliance placed upon it. For the avoidance of doubt therefore, any reliance you place on such information without our consultation is at your own risk.

ATEB Compliance offers compliance and regulatory advice.

ATEB Suitability provides report writing software for the financial services market.

Our View

Some useful guidance and reminders for all staff working from home.

Firms should already have a Data protection/GDPR policy in place which covers business continuity arrangements. 

Action Required By You

  • Remind all staff of the importance of data protection and security and keeping client data safe;
  • Check that staff working from home have appropriate hardware and software and that their internet security is adequate;
  • Update current Data Protection/GDPR policies if needed;
  • Any data breaches should be reported internally in the usual way and. if material, should also be reported to the ICO;
  • Check whether you have appropriate insurance cover for cyber attacks;
  • If you do not have current up to date Business Continuity or Data Protection policies, please contact your ATEB consultant for further information, or contact ATEB directly.
SUIT - Beautiful Reports
SUIT - Complete Control
SUIT - Comp confidence
previous arrow
next arrow

About the Author

Technical Manager - Often referred to as the Oracle or the Sage, Alistair has a wealth of financial services experience. He is our go-to Technical Manager and enjoys nothing more than a complicated conundrum. Feel free to test his renowned knowledge by getting in touch.

Contact Us

Brought to you by

Explore more articles in this category

Other articles that you might be interested in