I have said that the “growth” areas for risk seem to be Cyber (IT) Risk, Reputational Risk, and Supply Chain Risk. So it is not surprising that I was very pleased recently to meet someone who is connected with a business which addresses a risk connected with all three. The business is called “Metanoia”. (Go to www.metanoia-business-services.co.uk for more information). The risk they specialise in is Data Protection. By linking with them I hope to learn a lot more about the legal and practical issues involved, and gain access to advice and training materials I can use for myself and my clients. They even offer certification for businesses they find to be compliant with the relevant regulations.
The links with the three risks I have mentioned might not be 100% obvious, so here they are:
- Cyber Risk. Data Protection requires secure IT systems and databases, but that is not the whole story. Most data breaches are caused by human beings, so awareness, training, and, sadly, discipline, have to come into the picture too.
- Reputational Risk. Even if you manage to keep on the right side of the regulations (if!) you might still find your reputation, and other people’s, down the drain if data you are supposed to control gets into the wrong hands.
- Supply Chain Risk. If you collect data for use in your business, whether concerning clients, employees, or anyone else, you are responsible for controlling it. Outsourcing services such as IT, Accounting, or Payroll does not remove that responsibility from you in the eyes of the Law or, probably, of your clients etc. so you need to be sure that your outsourced services are being managed securely.
So that is why I think this is a good time to be going into this in more depth and acquiring the support of a company already there.
I will be writing about this subject again, but if you cannot wait, please feel free to contact me for more information.