Inadequate employee email training could have caused a much larger headache for Cheshire East Council Cheshire East Council in the UK has been fined £80,000 for a simple employee email mistake that caused sensitive information to be disseminated to 180 unintended recipients. It also exposes the greater liabilities caused by staff who don’t understand the difference between using secure organisation email systems and their own consumer email accounts. The simple mistake was this: instead of sending a work email through the council’s secure email system, the employee used their Hotmail account. Because the email carried no instructions about how the information was to be handled – something that is often included in email footers coming from organisational accounts – the recipients presumed the email was to be forwarded on. Stephen Eckersley, Head of Enforcement at the Information Commissioner's Office, cited that the fine was partly issued because the employee hadn’t been provided with adequate data protection training. The risks caused by using personal accounts for work emails are naturally much more extensive than misinterpretation of what to do with the information they contain. Not all consumer email systems afford the same level of protection as organisation systems, which make them more vulnerable to hacking. There are also the added dangers of taking business ‘outside the office’. For example, many employees aren’t aware of how easily information can be intercepted across unsecured home or public wireless connections.
Related Articles -
training, cheshire east council,
|