Training staff on the Data Protection Act 1998 and related Acts and regulations should be the main-stay of any organisations strategy when dealing with personal data.
However, a governmental department sent me a very informative email last night, but it was not the actual content that drew my attention to the email it was the sprawl of other recipients email addresses!
Needless to say, the sender was not too pleased to be informed of this, but they are now obviously a potential contact for eNaycH Data Protection & Privacy training.
The Information Commissioners Office recommends two hours training on the Data Protection Act 1998 every year, for each employee. There are also guidelines on using email bcc. functionality to ensure those in the email thread are not aware of who the recipients are and to stop “reply to all” etc.
One would have rather have hoped that the Government departments would at least be able to get this right.