FSA says that digital photocopiers pose security risk
Share
The FSA has warned that digital photocopiers pose a data security risk if financial services firms fail to properly erase stored information when the machines are replaced.
In its latest financial crime newsletter, the FSA says since 2002, most digital photocopiers have been fitted with a hard disk that saves the details of documents and information that has been put through the machine.
The regulator says that as inf-ormation could include clients’ personal details, it is essential that the data is erased when photocopiers are replaced.
In April 2008, the FSA published a report on data security in financial services which outlines best practice procedures for the disposal of hardware.
The FSA warns: “Firms need to include digital photocopiers in the devices which require concern when disposing of hardware. Getting data protection wrong can bring commercial, reputational, regulatory and legal penalties.”
Paladin Financial Services managing director Tim Purdon says : “I did not know there were hard disks inside photocopiers and I think many IFAs may also be unaware of this.
“This is a timely warning for us all. I would encourage IFAs to check their equipment and make sure that if their machine has a hard disk, it is erased properly.”
If you enjoyed this article, sign up here to receive daily email updates from Money Marketing and Follow @_moneymarketing
View results 10 per page | 20 per page
Readers' comments (20)
Anonymous | 15 Jul 2010 1:08 pm
and it has taken 8 years for them to let people know of this?
get on the ball.
Unsuitable or offensive? Report this comment
Anonymous | 15 Jul 2010 1:16 pm
It's a shame it's taken a bit longer thsn that to erase the FSA
Unsuitable or offensive? Report this comment
Anonymous | 15 Jul 2010 1:18 pm
I think it would be best if the FSA took on the task of regulating the photocopier industry as well, then we could all sleep easy.
Unsuitable or offensive? Report this comment
Simon Webster | 15 Jul 2010 1:22 pm
One could argue that any prudent "man of business" ought to be aware of where client or indeed his own personal data is stored.
I love to kick the FSA as well as the next man (and that is a lot) but maybe they expected IFA's to understand what and how their kit behaved, and in fairness to them on this occassion I don't think that is an unreasonable expectation...
Unsuitable or offensive? Report this comment
Julian Stevens | 15 Jul 2010 1:34 pm
We have a Kyocera 1620 digital photocopier (and an excellent machine it is too).
We checked with our service agents who supplied and maintain it for us and they tell us that it definitely does not incorporate a hard disk drive. Apparently, only the very largest machines include them. Most do not.
Perhaps it might have been more appropriate for the FSA to have issued a more carefully considered (ha!) warning to the effect that some but by no means all digital photocopiers contain hard disk drives and that firms are advised to ensure that as and when the machine is disposed of, this is removed in the interests of data security.
As always, there is a good way of doing something and, regrettably, what may in the fullness of time, come to be known as the FSA way.
Unsuitable or offensive? Report this comment
Anonymous | 15 Jul 2010 1:51 pm
No doubt that following the extermination of good honest brokers,the FSA will erase stored information about them, won't they ?
Unsuitable or offensive? Report this comment
Andy Newman | 15 Jul 2010 2:04 pm
At our last FSA inspection I saw the lead inspector standing looking confused in front of the shredder with a piece of paper in his hand.
“Listen,” the FSA guy says, “This is a very sensitive and important document, and my team has left for the day. Can you make this thing work?”
“No problem,” I said and turned the machine on, inserted the paper, and pressed “Start.” “Excellent!” said the FSA man as his paper disappears inside the machine.
“Now I just need one copy"
:o)
Unsuitable or offensive? Report this comment
Bill Wells | 15 Jul 2010 2:06 pm
Why does the FSA feel a need to do the ICO's job.
Anyway, perhaps the NHS, the IR, the MoD and numerous other government agencies (including the FSA itself) ought to get its own data protection procedures sorted out before preaching to IFAs.
Unsuitable or offensive? Report this comment
NewsFlash! | 15 Jul 2010 2:11 pm
"The FSA have today announced that crossing the road is not safe due to the number of big cars which could run you down. A new regulation now requires everyone to wait for an FSA official to hold their hand when crossing"
A Director of AMI who is also a member of the RAC said " As usual I would not wish to upset anyone at the FSA therefore We fully endorse and understand the risk posed in crossing the road and will be advising our members accordingly"
Unsuitable or offensive? Report this comment
Martyn Sinclair | 15 Jul 2010 2:48 pm
I am sure that this directive or advisory (must be compliant) follows an email that was doing the rounds about this very subject. This is a real problem that exists not just for IFA's but every single company including the Police who use digital photocopiers. When I saw the email i immediately sent a copy to my compliance officer becasue it scared the living daylights out of me, not just about my IFA work, but also if i stay in a hotel and my passport is copied for security reasons. This problem is universal and includes the FSA building and offices itself. Rather than just sending out the adviosry or notification, it woul dhave actually been useful if the FSA had published how they have dealt with this problem. I am absolutely sure that they onluy realised following the expose on the American documentary that hit cyberspace. My advice to anyone is make sure that if someone is copying your personal data onto a photocopier that you ensure it is erased from the hard drive. How you do that I havent a clue!!!
Unsuitable or offensive? Report this comment