Tag - GDPR

Welcome to The Perfect Curve.

There are 1 posts in total.

Information Governance and the PSNI data breach

simon gray 2023-08-09, 07:21:15

On the PSNI data breach, it’s important to remember there’s an individual somewhere who right now just wants to find the Marianas Trench and dive into it. Their management chain, mindful of their own legal and financial liability for the breach, will be looking to shift as much blame as possible down the tree to the individual.

They’ll point to the annual mandatory training all employees have in information governance, and say it’s therefore entirely the individual employee’s fault that this monumental stuff up took place.

No.

Mandatory annual information governance training does little to actually prevent accidental data breaches from occurring; the purpose of mandatory information governance training isn’t to prevent breaches, it’s so that when a breach happens the organisation can throw their employee to the wolves and say ‘well the employee had their training so it’s not the organisation’s fault the breach happened, it’s the individual’s fault’.

In the ærospace industry, a staff member screws in a bolt, a supervisor watches the bolt being screwed in, and an inspector agrees with the supervisor’s assessment that the bolt was indeed screwed in properly. And every week, there’s a big meeting where everybody shares when in the last week they realised they didn’t screw a bolt in completely. And if anybody seems to be not admitting to very many bolt-screwing deficiencies over a few weeks, the MI people go ‘hang on, this seems ssusssss, nobody is really this good at screwing in bolts — what’s this person hiding’. Humans are fallible, and [...]

Read the rest of Information Governance and the PSNI data breach .

In group Public / Third Sector Digital

Brought to you by simon gray. Also find me on Mastodon

The code behind this site is a bit of an abandoned project; I originally had lofty ambitions of it being the start of a competitor for Twitter and Facebook, allowing other people to also use it turning it into a bit of a social network. Needless to say I got so far with it and thought who did I think I was! Bits of it don't work as well as I'd like it to work - at some point I'm going to return to it and do a complete rebuild according to modern standards.