Those two questions need to be asked of all organisations including those in the private sector, just look at the recent Bank of Ireland losses of four laptops. In my line of work it is unfortunately a common theme across most companies that they either don’t know where all their data is or indeed how it is protected.

One would think they would have learned from previous experience and get their notebooks protected.

Look back over the past month and see how many of these data breaches have occurred across offices in Ireland. Its a serious problem and its only a matter of time until the right criminal gets their hands on that personal data.

As Brian Honan said the government needs to introduce legislation.

Why would an official need that many records on their laptop for use off-site?

What’s going to be done to prevent state employees from taking so many records offsite?

I remember generating a WEP code for my router at home and then doing the same for my friend who lived down the road and believe it or not they came out the same.

I went out and bought a ZyXEL router in Dixon’s the next day.

I have long been an advocate for the introduction of mandatory data breach disclosure laws similar to those already in place within the United States. This means that once an organisation discovers it has suffered a data breach or data loss affecting personal information belonging to individuals then that organisation should notify those people affected. While we do have strong Data Protection legislation in place it is not possible for the Data Protection Commissioner to police every single organisation to ensure that they are taking the most appropriate steps to protect the personal data entrusted to them.

Some companies have handled data breaches well, for example the Irish Blood Transfusion Board and Jobs.ie. However it appears that these are in the minority and this breach is an example where we are now only learning about the incident which occured last year. We no longer can depend on organisations to self regulate themselves and “do the honourable thing”. The government needs to take this bull by the horn and introduce legislation that will ensure organisations take their responsibilities of managing people’s private details seriously.