28 January 2008
Marks and Spencers (M&S) has been ordered to encrypt all company laptops containing personal information by April 2008.
In May 2007 the high street fashion seller admitted it had lost records relating to 26,000 staff when a laptop was stolen from a contractor's house. The laptop contained information on members of the company’s pension scheme.
M&S wrote to all staff whose information had been compromised offering free credit checks. The Information Commissioner's Office (ICO) has explained that any laptop harbouring such important information should always be encrypted.
The ICO has issued M&S with an Enforcement Notice, the company must ensure laptops containing sensitive information are encrypted by April, or face further action from the ICO.
The ICO wants the power to carry out spot checks on private companies and government departments when it suspects data protection is not being carried out properly.
Keep up to date with industry and Nomensa news by signing up to Nomensa newsletters.
