home > News > HSBC fined $5.2 million in UK for data loss

HSBC fined $5.2 million in UK for data loss

(August 2009)

Britain’s financial regulator The Financial Services Authority (FSA) has fined three units of HSBC Group 3.185 million pounds ($5.2 million) for failing to protect consumer data from loss or theft.

The FSA said HSBC Life UK Ltd. was fined 1.61 million pounds, HSBC Actuaries and Consultants Ltd. was fined 875,000 pounds and HSBC Insurance Brokers Ltd. was fined 700,000 pounds.

The fines were still imposed despite HSBC confirming that no clients had reported losses as a result of these failures.

All three firms had been warned by HSBC Group Insurance’s compliance team about the need for robust data security controls in July 2007, but in February 2008 an unencrypted CD containing the details of 180,000 policy holders was lost in the post, the FSA said.

It said it found that large amounts of unencrypted customer data had been sent by post or courier to third parties.

Confidential information about customers was left on open shelves or in unlocked cabinets, and staff were not given sufficient training on identifying and managing risks like identity theft, the regulator said.

“All three firms failed their customers by being careless with personal details which could have ended up in the hands of criminals,” said Margaret Cole, the agency’s director of enforcement.

“It is also worrying that increasing awareness around the importance of keeping personal information safe and the dangers of fraud did not prompt the firms to do more to protect their customers’ details.”

The largest previous fine for data protection failures was the 1.26 million pounds assessed against Norwich Union, the agency said. HSBC said it had contacted customers who were potentially affected, and said 33,500 employees had received data protection training.

“We hold ourselves to the highest standards, but it is clear that in these instances we have fallen short, which we sincerely regret,” said Clive Bannister, group managing director of HSBC Insurance.

“While this is a serious matter, no customer reported any loss from these failures and we are doing everything possible to prevent a recurrence,” Bannister said.

DCS and Data Security

DCS are global providers of scanning solutions, document management, and business process outsourcing and automation solutions to many of the World´s largest companies.

Our scanning services as well as our FileStore system has an encryption and security control module which prevents unsecured access and prevents distribution without an encryption key.

For more information Contact DCS on 01753 616720.

 


Data Capture Solutions LTD
345 Edinburgh Avenue, Slough,
Berkshire, SL1 4TU, UK
Tel: 01753 616720   |   Fax: 01753 616721
Data Capture Solutions are a UK company providing document scanning and document management systems to global business. DCS provide document management consultancy, automated invoice processing and electronic document management systems. Our scanning services include bulk document scanning, forms capture, data conversion and data entry services as well as invoice scanning and processing, worflow, email archiving, mailroom and post room services
Copyright © 2009 DCS  | Contact Us   | Privacy  | Terms of Use  | Sitemap   | Websites   | Top