Menu
Working from Home – Data Protection and Security

The Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) have recently updated their guidance on data protection and cyber security. With many of us now working from home we thought this would be a useful reminder of what to consider.

The ICO recognises the unprecedented challenges we are all facing during the Coronavirus (COVID-19) pandemic.

They know firms might need to share information quickly or adapt the way they work. Data protection need not stop firms doing that. It’s about being proportionate and making reasonable judgements. Think about how you, as a member of the public, would feel about any judgements made. If something feels excessive from the public’s point of view, then it probably is.

The ICO has provided some revised guidance and answers to the questions they’re being asked at this time.

The National Cyber Security Centre has also issued some guidance – ‘Home working: preparing your organisation and staff’.

This guidance is intended to helps firms ensure their organisation is prepared for any increase in home working, and advice on spotting coronavirus (COVID-19) scam emails.

Finally, we would suggest that you refer to ATEB’s previous article on Cyber Resilience.

Don’t forget to check Our View about this article and the Actions Required By You

Working from Home – Data Protection and Security

Important Note: ATEB news is intended to provide general information ONLY. The content, including any views expressed or guidance provided, does not replace the need to comply fully with FCA Rules and Guidance. Unless you have discussed news article content with ATEB, and specifically how it relates to your circumstances, then ATEB disclaims all liability and responsibility and actions arising from any reliance placed upon it. For the avoidance of doubt therefore, any reliance you place on such information without our consultation is at your own risk.

ATEB Compliance offers compliance and regulatory advice.

ATEB Suitability provides report writing software for the financial services market.

Our View

Some useful guidance and reminders for all staff working from home.

Firms should already have a Data protection/GDPR policy in place which covers business continuity arrangements. 

Action Required By You

  • Remind all staff of the importance of data protection and security and keeping client data safe;
  • Check that staff working from home have appropriate hardware and software and that their internet security is adequate;
  • Update current Data Protection/GDPR policies if needed;
  • Any data breaches should be reported internally in the usual way and. if material, should also be reported to the ICO;
  • Check whether you have appropriate insurance cover for cyber attacks;
  • If you do not have current up to date Business Continuity or Data Protection policies, please contact your ATEB consultant for further information, or contact ATEB directly.
SUIT - Beautiful Reports
CREATE BEAUTIFUL
SUITABILITY
REPORTS
TRY IT FOR FREE
SUIT - Complete Control
TAKE BACK
CONTROL OF YOUR
SUITABILITY REPORT
PRODUCTION
TRY IT FOR FREE
SUIT - Comp confidence
SUITABILITY
REPORTS
WITH FULL
COMPLIANCE
CONFIDENCE
TRY IT FOR FREE
previous arrow
next arrow

About the Author

Contact Us

Brought to you by

Explore more articles in this category

Other articles that you might be interested in

White caution cone on keyboard

Conduct Rules Breaches – follow up

Compliance , , , ,

We wrote recently about the Conduct Rules and, in particular, breaches and notifications . See here. This article is intended to clarify some of the grey around COCON breaches. All of the following is taken from Policy Statement PS 18-14. When is disciplinary action required? When and how a firm decides to undertake disciplinary action […]

Read More
pensions regulator

New anti-scam rules for scheme trustees

Compliance , , , , , , , ,

The rights of pension scheme members to transfer, that were established in the Pensions Act 2015 are no longer absolute from 30 November 2021.   From that date, in an attempt to identify potential scams and prevent members becoming victims, trustees and scheme managers must ensure specific checks are made before complying with a member’s […]

Read More
Man people woman street

Government Scrap Protected Pension Age Window

Compliance , , , , , , ,

We previously issued a newsletter in February 2021, outlining government proposals to increase the Normal Minimum Pension Age (NMPA) from 55 to 57, with the change due to come into effect from 6 April 2028. This means that from April 2028, the earliest a member of a pension scheme will be able to access their […]

Read More
Expectations

Another Pension Transfer Charging Quirk

Compliance , , ,

Policy Statement PS20-06 states: “A firm may set a different level of non-contingent charges if they are not undertaking the full range of advising and related services that are normally provided alongside DB transfer advice. For example, if a firm is not advising on the proposed destination for the funds, it could offer lower charges […]

Read More
Different kind of hats on display

Appointed Representatives – some SM&CR questions

Compliance , , , , , , ,

Occasionally, we come across firms that are ‘Principal Firms’ – i.e. the firm has Appointed Representatives (AR) but where one or more individuals straddle both the Principal and the AR. This can raise questions around the applicability of SM&CR to such individuals since the SM&CR does not apply to ARs. Why does the SM&CR not […]

Read More
Load More