Dealing with SAR or Freedom of Information Requests

Data Protection Act "Subject Access Request" (SAR)

Anyone can issue a SAR (employees, ex-employees, customers, competitors etc.) against any organisation, including Plcs and Limited companies, by writing a letter. See the Information Commissioner's Office site, which provides guidance on how to make a request, sample letters and details of the fees involved – from £2 to circa £50. At the time of writing, a PDF guide on how to apply was also available.

If you receive a SAR you have to provide all the data required within 40 days and need to respond promptly to the requester of the information. If you fail to comply, the ICO can prosecute – with substantial penalties.

Common causes of Subject Access Requests are:

Employees / ex-employees

  • a. Providing historical information relating to insurance and health claims
  • b. Making claims of unfair dismissal, sexual / racial discrimination, harassment etc.

Members of the public

  • a. requesting information regarding financial data and/or records held about them (both FSA and DPA legislation can apply in financial cases).
  • b. interested parties - for example a protestor or 3rd party involved in a building development can ask for information held on them. They can also force you to correct anything inaccurate.

Freedom of Information Act

The Freedom of Information Act provides open information about government decisions, policies and finances at all levels. There are clauses and caveats that protect sensitive information, but in general a member of the public or company can request information of any government body AND where relevant, suppliers to Government. If you've supplied government, they can request information on the goods & services supplied. Any individual or organisation can request information under the Freedom of Information Act. Typical Requests include the following:

  • Pressure Groups, media etc
  • Competitors
  • Requests for financial data on your public sector work and contracts – specifically pricing

Irrecoverable loss of data

You can get into deep trouble if you lose information. This is a situation you and your company must avoid. There are ‘Corporate Governance’ and ‘Due Diligence’ issues involved and the fines for not being able to recover and present data can be substantial. This includes individual emails.

Secure storage and transport is VITAL

It is YOUR responsibility in law to ensure data is stored, transported and destroyed (where necessary) properly. If a document turns up in 'The public domain' which is protected under the Data Protection Act (DPA) or FSA (Financial Services Authority) regulations you can be sued, fined and barred from business.

To avoid this you should ensure that:

  • Computer systems are properly secured, including firewall, anti-virus and user access control
  • If you move sensitive paper documents or backup tapes - these are secured in transit and entrusted to a reputable carrier
  • Documents, backup tapes and data sources are stored securely with controlled access
  • Your document and data storage will allow you to identify and retrieve data back to 1998 – as required by the DPA from 2007
  • Personal information is not transported on laptops. Where it is, it is secured by strong encryption
  • When computer equipment is disposed of, all data is permanently erased - with no potential for recovery

Get any of this wrong and both your organisation and you personally can be liable to fines and prosecution. Fortunately, BCVault solves a substantial number of the above problems.

Finding & Retrieving Information

PAPER

Finding data in a paper store can be difficult and inconvenient if that store is miles away from your office. You are reliant on the diligence and organisational skills of prior users, the quality of the original paper used and quality of storage to make a recovery. It can be ‘hit and miss’ outside the most rigorously maintained systems. Copying, once found is simple but time consuming, particularly for large documents.

TAPES

Finding data on tape storage can be equally as troublesome as in a paper store. A specific backup set needs to be isolated from what can possibly be hundreds of files. If the tape is older, your company needs to ensure it has a physically compatible tape streamer – there have been 9 major types of tape drive in the last 15 years – with very little cross–compatibility. Then it will need compatible backup device software.... and then it needs – probably a prayer or two; 30% of full tape restores fail and the situation doesn't improve with age. Finding data on tape can eat days and days of valuable IT time. What's more, a SAR (Subject Access Request) can come at any time and needs immediate attention.

HARD DISK

Hard disk drives are simple to restore from – if you have the disk and it is mounted in compatible computer hardware with an appropriate operating system.

DVD or WORM DRIVE

DVDs and WORM (Write Once, Read Many) drives are simple to read and restore from; the biggest problem is their capacity. Like ‘yesterday’s’ floppy disk drives, they are low capacity against the needs of modern data storage. Searching and isolating data can be a long–winded chore because of this.

BCVAULT

BCVault is an outstanding offsite backup solution. It is hosted in a secure, gated and monitored data centre that benefits from diversely routed communications links and multiple generator power backup.

The solution is platform ‘promiscuous’ – it will back up Windows documents and data (whatever generation), Mac, Linux, Unix, SUN, AS400 etc.... if it can ‘see’ the data it can back it up. BCVault is based on a NAS solution – so is ‘infinitely expandable’ – no problems of running out of space (disk) or backup window size (tape).

The system uses encryption for security, data compression, delta blocking and single file instancing for efficiency of storage and use over data links.

Finding an individual file is simple. The secure user GUI allows deep detailed interrogation. Rather than spend hours searching through tape libraries, individual files can be found in seconds.

Retrieval can in most instances be done extremely quickly via data connection. Where several Gigabytes are involved several options are available – download – ship via disk etc.

BCVault offers bare metal restore – enabling a complete rebuild to differing machines. All that is required in most scenarios is enough operating system to support RAID cards. This substantially improves recovery speed in disaster scenarios.

For further details see www.bcvault.co.uk

Data storage and degradation

Paper

Paper can degrade easily. Light and damp are the main culprits. However many modern papers have an in-built ‘time-bomb’ as they are made to a price. Short fibres and excessive use of bleaches can mean that they degrade to an unusable form in under 5 years. Even in the best environments (perfect temperature and humidity with little or no light) cheap paper will degrade.

Tapes

Tapes are subject to humidity, moisture and highly vulnerable to magnetic interference. Over 30% of complete tape restores fail. Tapes also wear with age and stretch. Typically archived tapes are old and used and this adds to the potential for a failed restore. Tape storage is expensive – they need to be kept in a temperature and humidity controlled environment that is magnetically shielded.

Hard Disks

Hard disks are fairly durable – they can be wiped by exposure to magnetism and are susceptible to component failure within their host device – a malfunctioning RAID or drive controller and/or power supply or substantial power surge can damage disks. Hard disks also wear out; MBR records can corrupt and head sectors wear out. Some types are more susceptible than others: SCSI and SAS drives are more reliable than older IDE media. Hard drives require compatible hardware (and associated operating systems) to run. For old data, this means older operating systems and hardware.

DVD Drives

DVDs and CDs are generally durable. Excessive moisture can lead to blistering and delamination – particularly of cheaper media. A DVD drive holds 8GB; current desktop hard disks are typically 150 GB + in size. A desktop drive of 150GB that is at 75% capacity would require 14 DVDs to back up.

WORM Drives

WORM media tends to be high quality and high price – it is designed to last and requires minimal specialist storage. Bespoke WORM drive machines will recover from the drives and major manufacturers build long-term backward compatibility into their devices. The only problems with WORM devices are disk capacity and the cost – they are very expensive and the media size struggles with current data demands.

BCVault

BCVault is based on a NAS system with integrated RAID and multiple array capabilities. If a disk fails the system automatically rebuilds using an alternative from its "hot-swap" spares. NAS can be backed up and replicated for additional resilience.

